United Airlines Awards Hackers Millions of Miles for Revealing Risks

Advertisement
By Reuters | Updated: 16 July 2015 13:42 IST
United Continental Holdings Inc has awarded millions of frequent flier miles to hackers who have uncovered gaps in the carrier's web security, in a first for the U.S. airline industry.

United confirmed with Reuters that it has paid out two awards worth 1 million miles each, worth dozens of free domestic flights on the airline. United did not confirm tweets from individuals who say they have been paid smaller awards as well.

The Chicago-based carrier has hoped to trailblaze in the area of airline web security by offering "bug bounties" for uncovering cyber-risks. Through the program, researchers flag problems before malicious hackers can exploit them. The cost can be less than hiring outside consultancies.

Advertisement

Three of United's competitors declined to comment on bug bounty programs. A fourth was not immediately available for comment.

Trade group Airlines for America said in a statement that all U.S. carriers conduct tests to make sure their systems are secure.

Advertisement

United unveiled the approach in May just weeks before technological glitches grounded its entire fleet twice, underscoring the risks that airlines face. One incident locked the airline out of its reservations system, preventing customers from checking in, and another zapped functionality of the software United needed to dispatch its flight plan.

"We believe that this program will further bolster our security and allow us to continue to provide excellent service," United said on its website, declining additional comment.

Advertisement

Jordan Wiens, a researcher focused on cyber-vulnerabilities, tweeted last week that he received United's top reward of 1 million miles for exposing a flaw that could have allowed hackers to seize control of one of the airline's websites.

"It's really interesting that United did what they did," he said in an interview. "There actually aren't that many companies in any industry outside of technology that do bug bounties."

Advertisement

Wiens said it was normal for large companies such as United to have bugs in their websites.

Terms of the agreement prohibit Wiens from disclosing the bug he discovered. The terms also required that Wiens reveal the supposed problem to United without trying to exploit it, meaning he does not know how much information he could have accessed or manipulated.

Beyond the bounty, United said it tests systems internally and engages cyber-security firms to keep its websites secure.

© Thomson Reuters 2015

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Tecno Camon 50 Ultra 5G With a 6,500mAh Battery Debuts in India: See Price
  2. OnePlus Exits US, Europe, Continues Operations in India: 5 Things to Know
  3. OnePlus Phones Will Soon Run on ColorOS 17 Instead of OxygenOS
  4. Apple Back to School Sale: Grab These Deals on MacBook, iPad Models
  1. Samsung Patent Reportedly Shows Galaxy Z Flip Design With 360-Degree Fold, Curved Outer Display
  2. Apple May Introduce Vapour Chamber Cooling Across Foldable iPhone and Anniversary Models, Tipster Claims
  3. Google AI Mode Now Supports More Connected Apps Including YouTube Music for Everyday Tasks
  4. Tecno Camon 50 Ultra 5G Launched in India With 6,500mAh Battery, 50-Megapixel Cameras: Price, Specifications
  5. EU Regulator Exempts Smartwatches, Other Wearables From User-Replaceable Battery Mandate
  6. The Duskbloods' Closed Network Playtest Will Take Place in August, FromSoftware Confirms
  7. Skullcandy Crusher 1080 ANC Announced With With Bose Audio, Up to 60-Hour Battery: Price, Features
  8. Infinix Xpad 30 Pro Listed on Retail Website With 11-Inch 2.5K Display and 8,200mAh Battery
  9. iPad Mini With OLED Screen to Reportedly Launch in October as Apple Prepares Base iPad, iPad Air Refreshes
  10. Google Rebrands NotebookLM as Gemini Notebook; Brings Cloud Computing and Search Integration
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.