But offering frequent flyer miles instead of cash helped get the hacker community’s attention.
According to Reuters, United has confirmed two bug bounty awards of 1 million miles.
Jorsan Wiens was one of the two individuals who received one million United Airlines miles last week, having pointed out a flaw in its website. Moving forward it will be interesting to see just how this new bug bounty program works for United, and if other airlines in the industry will implement similar measures to prevent such events from happening to their own technical systems.
Now security experts say as companies grow increasingly automate critical functions and the risks of cyber breaches grows, the practice is spreading outside the tech field.
‘I have been telling the wife for awhile that I am going to take her to Hawaii, ‘ he said. Within weeks of the launch of the program, the airline’s fleet was gutted twice, once again revealing large chinks of risks that the airline had. But the airline says that problem was a connectivity issue that wasn’t caused by hacking.
The airline is confident that through the bug fixes in its website, it will avoid any future software glitch, as it is also working on improving its software. “Most, if not all, airlines have internal programs whereby they continuously check their systems and have teams that conduct intrusion systems checks”.
United Continental Holdings Inc. has awarded millions of frequent flier miles to hackers who have uncovered gaps in the carrier’s web security, in a first for the US airline industry.
Bug bounty programs have grown significantly in popularity as companies seek to proactively address security problems and shortcomings in their applications that can harm user experience.
“We believe that this program will further bolster out security and allow us to continue to provide excellent service”, United said.
United declined to release the names of the two people who earned 1-million-mile rewards.
Cyber vulnerability researcher Jordan Wiens said he was awarded 1 million miles for discovering a system flaw that would have enabled hackers to gain access and control of United’s websites.