Categories: CyberCrimeSecurity

United Airlines Rewards Hackers With Million Airmiles

Two hackers have been rewarded with a million free airmiles each after they exposed potential security issues with an airline’s website.

The rewards were part of United Airlines bug bounty scheme launched in May, that offers friendly hackers frequent flyer miles if they can hack into its corporate websites and mobile apps.

Bug Bounty

A number of hackers took advantage of the scheme and according to the BBC, two of them were handsomely rewarded for privately disclosing security flaws rather than sharing them online. It was reported that the two had been given the maximum reward of a million airmiles each.

Jordan Wiens for example tweeted his appreciation of the airline’s reward. “Wow! @united really paid out! Got a million miles for my bug bounty submissions! Very cool,” he tweeted.

Although Wiens wouldn’t reveal the bug class/severity, he did mention that the bugs were not “technically challenging though.”

One Twitter user congratulated Wiens on his reward, but noted he didn’t anywhere near that amount of airmiles for providing emergency medical treatment to a passenger and thus preventing an emergency landing.

It is the first time that an airline has offered a bug bounty scheme that instead of cash, offers friendly hackers between 50,000 and 1 million frequent flyer miles depending on the severity of the vulnerabilities they unearth.

But the airline has warned that hackers would be permanently disqualified from the bug bounty program and face possible criminal and/or legal investigation if they attempt brute-force attacks; code injection on live systems; disruption or denial-of-service attacks, as well as a number of other restrictions including threats against airline staff.

Aviation Worry

Computer problems are a growing issue for airlines nowadays. Indeed, last week a network connectivity issue grounded many of United Airlines’s aircraft for a number of hours.

The US Government Accountability Office has also previously warned that in-flight Wi-Fi could be used by terrorists or other hackers to take control of an aircraft’s avionic systems.

It is concerned because avionic systems that have traditionally been self-contained are now sharing the same network as passenger Wi-Fi, raising the possibility of remote unauthorised access.

And United Airlines found itself at the centre of security row last month, when one of the world’s foremost experts on counter-threat intelligence within the cybersecurity industry was hauled off one of its flights by the FBI.

Are you a security pro? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

AT&T Admits Data Breach Impacted “Nearly All” Customers

American telecommunications giant AT&T admits that “nearly all” customer accounts were compromised in 2022 breach

2 days ago

Elon Musk’s X Breached DSA Rules, EU Finds

X's Blue checks 'used to mean trustworthy sources of information. Now our preliminary view is…

2 days ago

Japan’s SoftBank Acquires AI Chip Start-up Graphcore

SoftBank Group has purchased another British chip firm, with the acquisition of Bristol-based Graphcore Ltd…

2 days ago

Samsung AI-Upgraded Bixby Voice Assistant Coming This Year

Samsung reportedly confirms it will launch the upgraded voice assistant Bixby this year, that will…

3 days ago

Next Neuralink Brain Implant Coming Soon, Says Musk

Despite an issue with first Neuralink implant in a patient, Elon Musk says second brain…

3 days ago

EU Accepts Apple’s Legal Commitments To Open NFC Access

Legal commitment over Apple's NFC-based mobile payments system, which is to be opened to rival…

3 days ago