Two hackers have been rewarded with a million free airmiles each after they exposed potential security issues with an airline’s website.
The rewards were part of United Airlines bug bounty scheme launched in May, that offers friendly hackers frequent flyer miles if they can hack into its corporate websites and mobile apps.
A number of hackers took advantage of the scheme and according to the BBC, two of them were handsomely rewarded for privately disclosing security flaws rather than sharing them online. It was reported that the two had been given the maximum reward of a million airmiles each.
Jordan Wiens for example tweeted his appreciation of the airline’s reward. “Wow! @united really paid out! Got a million miles for my bug bounty submissions! Very cool,” he tweeted.
One Twitter user congratulated Wiens on his reward, but noted he didn’t anywhere near that amount of airmiles for providing emergency medical treatment to a passenger and thus preventing an emergency landing.
It is the first time that an airline has offered a bug bounty scheme that instead of cash, offers friendly hackers between 50,000 and 1 million frequent flyer miles depending on the severity of the vulnerabilities they unearth.
But the airline has warned that hackers would be permanently disqualified from the bug bounty program and face possible criminal and/or legal investigation if they attempt brute-force attacks; code injection on live systems; disruption or denial-of-service attacks, as well as a number of other restrictions including threats against airline staff.
Computer problems are a growing issue for airlines nowadays. Indeed, last week a network connectivity issue grounded many of United Airlines’s aircraft for a number of hours.
The US Government Accountability Office has also previously warned that in-flight Wi-Fi could be used by terrorists or other hackers to take control of an aircraft’s avionic systems.
It is concerned because avionic systems that have traditionally been self-contained are now sharing the same network as passenger Wi-Fi, raising the possibility of remote unauthorised access.
And United Airlines found itself at the centre of security row last month, when one of the world’s foremost experts on counter-threat intelligence within the cybersecurity industry was hauled off one of its flights by the FBI.
Are you a security pro? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…