Categories: CyberCrimeSecurity

United Airlines Rewards Hackers With Million Airmiles

Two hackers have been rewarded with a million free airmiles each after they exposed potential security issues with an airline’s website.

The rewards were part of United Airlines bug bounty scheme launched in May, that offers friendly hackers frequent flyer miles if they can hack into its corporate websites and mobile apps.

Bug Bounty

A number of hackers took advantage of the scheme and according to the BBC, two of them were handsomely rewarded for privately disclosing security flaws rather than sharing them online. It was reported that the two had been given the maximum reward of a million airmiles each.

Jordan Wiens for example tweeted his appreciation of the airline’s reward. “Wow! @united really paid out! Got a million miles for my bug bounty submissions! Very cool,” he tweeted.

Although Wiens wouldn’t reveal the bug class/severity, he did mention that the bugs were not “technically challenging though.”

One Twitter user congratulated Wiens on his reward, but noted he didn’t anywhere near that amount of airmiles for providing emergency medical treatment to a passenger and thus preventing an emergency landing.

It is the first time that an airline has offered a bug bounty scheme that instead of cash, offers friendly hackers between 50,000 and 1 million frequent flyer miles depending on the severity of the vulnerabilities they unearth.

But the airline has warned that hackers would be permanently disqualified from the bug bounty program and face possible criminal and/or legal investigation if they attempt brute-force attacks; code injection on live systems; disruption or denial-of-service attacks, as well as a number of other restrictions including threats against airline staff.

Aviation Worry

Computer problems are a growing issue for airlines nowadays. Indeed, last week a network connectivity issue grounded many of United Airlines’s aircraft for a number of hours.

The US Government Accountability Office has also previously warned that in-flight Wi-Fi could be used by terrorists or other hackers to take control of an aircraft’s avionic systems.

It is concerned because avionic systems that have traditionally been self-contained are now sharing the same network as passenger Wi-Fi, raising the possibility of remote unauthorised access.

And United Airlines found itself at the centre of security row last month, when one of the world’s foremost experts on counter-threat intelligence within the cybersecurity industry was hauled off one of its flights by the FBI.

Are you a security pro? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

6 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

9 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

10 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

11 hours ago