2 Hackers Win Over 1 Million Air Miles each for Reporting Bugs in United Airlines

August 9, 2016

Two computer hackers have earned more than 1 Million frequent-flyer miles each from United Airlines for finding and reporting multiple security vulnerabilities in the Airline’s website.

Olivier Beg, a 19-year-old security researcher from the Netherlands, has earned 1 Million air miles from United Airlines for finding around 20 security vulnerabilities in the software systems of the airline.

Last year, Chicago-based ‘United Airlines’ launched a bug bounty program to invite security researchers and bug hunters for finding and reporting security holes in its websites, software, apps and web portals.

Under its bounty program, United Airlines offers a top reward of 1 Million flyer miles for reporting Remote Code Execution (RCE) flaws; 250,000 miles for medium-severity vulnerabilities, and 50,000 flyer miles for low-severity bugs.

According to Netherlands Broadcasting Foundation, the 19-year-old reported 20 security issues to United Airlines and the most severe flaw earned the teenager 250,000 air miles.

Beg did not reveal the details about the flaws he discovered, but the teenager claims to have reported flaws in software from popular tech companies including Yahoo, Google, and Facebook.

Another 23-years-old security researcher from Algeria reported three security issues under the airline’s bug bounty program and earned 1.7 Million flyer miles from the United Airlines.

Read full story…