Google Pays High School Student $10,000 for Reporting Security Flaw

Advertisement
By Gadgets 360 Staff | Updated: 11 August 2017 17:18 IST
Highlights
  • A high-school student spotted a vulnerability on Google's website
  • He reported the vulnerability to Google
  • Google thanked him and paid him $10,000

A high-school student from Uruguay has been rewarded with $10,000 (roughly Rs. 6.5 lakh) after he discovered and reported a vulnerability to Google.

The student, Ezequiel Pereira, says he chanced upon the vulnerability after a bout of boredom last month when he was poking around Google services using Burp Suite, a popular Web security testing tool.

After a few failed attempts, Pereira says he came across yaqs.googleplex.com, an internal webpage which didn't have username or password check in place. Googleplex.com hosts several Google App Engine apps.

Advertisement

"The website's homepage redirected me to "/eng", and that page was pretty interesting, it had many links to different sections about Google services and infrastructure, but before I visited any section, I read something in the footer: "Google Confidential".

Advertisement

"At that point I stopped poking at the website and reported the issue right away, without even thinking of a better way to show the vulnerability than with Burp," Pereira wrote.

Sharing screenshots of the email exchanges, Pereira said he received multiple response from Google's security team the same day, who confirmed that the bug he had reported was indeed effective.

Advertisement

Bug Bounty Hunters Say They Aren't Welcome in India

With little to no hope of any rewards, Pereira says he was surprised when a month later Google team informed him that he would be paid $10,000 for his work, and that he could share the nature of the vulnerability with the world.

Advertisement

Google has since resolved the vulnerability. "The bug has been fixed now, and, according to Google, the large reward was because they found a few variants that would have allowed an attacker access sensitive data," Pereira wrote.

The transparency and willing to reward independent security researchers is one of the things several Silicon Valley companies have been working on. Google, Microsoft and Apple are increasingly offering bug bounty reward programs where they encourage people to report any security or privacy flaws they spot in any of their services.

 
Post your comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Google, Security, Web, Internet, Bug Bounty, Facebook
Samsung Launches Portable Speakers and Headsets in India, Expands Audio Portfolio
Hike Acquires Creo, a Bengaluru-Based Smartphone and Streaming Media Dongle Maker
Advertisement

Related Stories

Google Workspace Studio Launched, Lets Users Create AI Agents for Automation
4 December 2025
Google Expands In-Call Scam Protection for Banking Apps: Here's How It Works on Android
4 December 2025
Google Photos 2025 Recap Rolls Out With Your Most Memorable Photo and Video Moments
3 December 2025
Google Pixel Phones Get AI Notification Summaries, New Parental Controls With Android 16 QPR2 Update
3 December 2025
Circle to Search Update Adds Spam Detection; Google Brings Urgent Call Notes, New Emoji to Android
3 December 2025
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Cloudflare Is Down Again For the Second Time in Weeks: See Affected Sites
  2. ACT Fibernet Launches New Broadband Plans With Free OTT Subscriptions
  3. OnePlus 15R Surfaces on Benchmarking Site Ahead of India Launch
  4. Flipkart Buy Buy 2025 Sale: Nothing Phone 3, Phone 3a Deals Revealed
  5. Motorola Edge 70 With Pantone's 2026 Colour, Swarovski Crystals Launched
  6. Nothing Phone 3a Lite Goes on Sale in India at This Price
  7. Airtel Discontinues These Prepaid Recharge Packs in India
  8. HMD 101, HMD 100 With Built-In Radio Launched in India at These Prices
  9. Realme Says It Will Launch Two New Narzo Smartphones in India Soon
  10. OTT Releases of the Week (Dec 1 – Dec 7): Know What to Watch
#Latest Stories
  1. Cloudflare Outage Blocks Access to Several Websites Including BookMyShow, SpaceX, Coinbase
  2. Samsung Galaxy S26 Series to Offer Built-In Support for Company's 25W Magnetic Qi2 Charger: Report
  3. Airtel Discontinues Two Prepaid Recharge Packs in India With Data Benefits, Free Airtel Xtreme Play Subscription
  4. Samsung Galaxy Phones, Devices Are Now Available via Instamart With 10-Minute Instant Delivery
  5. NotebookLM App Gets an In-Built Camera, Lets Users Upload Images as a Source
  6. HMD 101 Launched in India With 1,000mAh Battery, Auto Call Recording Alongside HMD 100: Price, Features
  7. Crypto Traders Await US Fed Signals as Bitcoin Price Drops to $91,900
  8. Nothing Phone 3a Lite Goes on Sale in India: See Price, Offers, Availability
  9. Realme Narzo Phones Confirmed to Launch in India Soon via Amazon
  10. Samsung Galaxy Watch Ultra 2 Launch Timeline Leaked; Could Debut Alongside Samsung Galaxy Watch 9
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.