Google Pays High School Student $10,000 for Reporting Security Flaw

Advertisement
By Gadgets 360 Staff | Updated: 11 August 2017 17:18 IST
Highlights
  • A high-school student spotted a vulnerability on Google's website
  • He reported the vulnerability to Google
  • Google thanked him and paid him $10,000

A high-school student from Uruguay has been rewarded with $10,000 (roughly Rs. 6.5 lakh) after he discovered and reported a vulnerability to Google.

The student, Ezequiel Pereira, says he chanced upon the vulnerability after a bout of boredom last month when he was poking around Google services using Burp Suite, a popular Web security testing tool.

After a few failed attempts, Pereira says he came across yaqs.googleplex.com, an internal webpage which didn't have username or password check in place. Googleplex.com hosts several Google App Engine apps.

Advertisement

"The website's homepage redirected me to "/eng", and that page was pretty interesting, it had many links to different sections about Google services and infrastructure, but before I visited any section, I read something in the footer: "Google Confidential".

Advertisement

"At that point I stopped poking at the website and reported the issue right away, without even thinking of a better way to show the vulnerability than with Burp," Pereira wrote.

Sharing screenshots of the email exchanges, Pereira said he received multiple response from Google's security team the same day, who confirmed that the bug he had reported was indeed effective.

Advertisement

Bug Bounty Hunters Say They Aren't Welcome in India

With little to no hope of any rewards, Pereira says he was surprised when a month later Google team informed him that he would be paid $10,000 for his work, and that he could share the nature of the vulnerability with the world.

Advertisement

Google has since resolved the vulnerability. "The bug has been fixed now, and, according to Google, the large reward was because they found a few variants that would have allowed an attacker access sensitive data," Pereira wrote.

The transparency and willing to reward independent security researchers is one of the things several Silicon Valley companies have been working on. Google, Microsoft and Apple are increasingly offering bug bounty reward programs where they encourage people to report any security or privacy flaws they spot in any of their services.

 
Post your comments

For details of the latest launches and news from Samsung, Xiaomi, Realme, OnePlus, Oppo and other companies at the Mobile World Congress in Barcelona, visit our MWC 2025 hub.

Further reading: Google, Security, Web, Internet, Bug Bounty, Facebook
Samsung Launches Portable Speakers and Headsets in India, Expands Audio Portfolio
Hike Acquires Creo, a Bengaluru-Based Smartphone and Streaming Media Dongle Maker
Advertisement

Related Stories

Apple Reportedly Considering Google’s Gemini Infrastructure for Advanced Siri Features
3 March 2026
Airtel Partners With Google to Offer AI-Powered Spam Protection for RCS Messaging in India
2 March 2026
Android 17 Beta 2 Released: Lets Users Create Bubble for Any App, Expands SMS OTP Protection
27 February 2026
Smartphones Launched in India (February 2026): Samsung Galaxy S26 Series, Google Pixel 10a, Vivo V70 Series and More
27 February 2026
Google Releases Nano Banana 2 With Faster AI Image Generation, Enhanced Text Rendering Capabilities
27 February 2026
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. OnePlus 15T Details Revealed; New Telephoto Lens, Bigger Battery Confirmed
  2. Samsung 'Holi Hai' Sale Brings Offers on Bespoke AI Appliances
  3. iPhone 17e Launched in India With MagSafe, 48-Megapixel Camera: See Price
  4. iPad Air (2026) With M4 Chip Launched in India at This Price
  5. Nothing Phone 4a Will Go on Sale in Bengaluru at a Drop Event on This Date
  6. iQOO 15R Goes on Sale in India Today: Know Price and Offers
  7. iQOO Z11x 5G Will Launch in India on This Date
  8. Here's When the Oppo Find X9 Ultra Will Be Launched Globally
  9. Meta Tests Shopping Capabilities in AI Assistant to Rival ChatGPT, Gemini
  10. Kiss of the Spider Woman OTT Release Date: Know When and Where to Watch it Online
#Latest Stories
  1. Aspirants Season 3 OTT Release Date Announced: When and Where to Watch it Online?
  2. Samsung Announces ‘Holi Hai’ Sale With Cashback on Bespoke AI Appliances
  3. Kiss of the Spider Woman OTT Release Date: Know When and Where to Watch it Online
  4. Vanchana OTT Release: When and Where to Watch the Courtroom Drama
  5. Xiaomi 18, Xiaomi 18 Pro, Xiaomi 18 Pro Max Early Leak Reveals Rear Camera Details
  6. Meta AI Reportedly Testing Personalised Shopping Recommendations to Compete With ChatGPT, Gemini
  7. Oppo Find N6 Reportedly Appears at MWC 2026; Company Confirms March Launch in China
  8. Resident Evil Requiem Becomes Highest User Rated Game of All Time on Metacritic
  9. MWC 2026: Tecno Camon 50 Ultra 5G Unveiled With 6,500mAh Battery, 50–Megapixel Camera
  10. Vivo Y21 5G With Dimensity 6300 Chip Listed on Cellular Operator’s Website Ahead of Launch
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.