Uber is offering a $10,000 bounty for security bugs

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

NEW YORK– Uber is giving its “bug bounty” program two shots in the arm.

The ride-sharing company announced a new program that will pay hackers a whopping $10,000 for each critical problem they find with the app’s code. They will also give $5,000 to hackers who flag significant issues, and $3,000 for “medium” issues.

Many tech companies offer similar programs to hackers who help find cybersecurity vulnerabilities in their systems. But Uber’s new offer is particularly lucrative. AT&T bounties range from $100 to $5,000 bug bounty, while Google pays from $100 to $20,000.

Uber also said it is creating a loyalty reward program for hackers to help Uber deal with “subtle bugs.”

Here’s how it works: Beginning on May 1, hackers will have a 90-day window to find four issues that Uber accepts as genuine.

Uber will then issue an additional payout if the hacker finds a fifth bug within those 90 days — a payment that’s equal to 10% of the average payouts for all other issues found during the time frame.

By Robert Mclean
Notice: you are using an outdated browser. Microsoft does not recommend using IE as your default browser. Some features on this website, like video and images, might not work properly. For the best experience, please upgrade your browser.