screenshot20160323at11

Uber dares hackers to find flaws, offers up to $10K bounty

On-demand car service Uber is offering from $3,000 to $10,000 to hackers who can find flaws in its computer and communications systems.

HackerOne, a company that connects white-hat hackers to companies who want to use them to test the security of systems, is running Uber's "bounty program."

The amount of the reward is based on the severity of the flaw discovered by a hackers, i.e., security researchers.

HackerOne has established three categories of rewards; $10,000 for a "critical flaw," $5,000 for a "significant flaw" and $3,000 for "medium issues."

"Chaining of bugs is not frowned upon in any way, we love to see clever exploit chains!" Uber stated in its online challenge. "If you get access to an Uber server, please report it us and we will reward you with an appropriate bounty taking into full consideration the severity of what could be done. Chaining a CSRF vulnerability with a self-XSS? Nice! Using AWS access key to dump user info? Not cool."

In 2014, Uber's servers were hacked and as many as 50,000 driver accounts were compromised. Immediately upon discovering the breach, Uber said it changed the access protocols for the database, "removing the possibility of unauthorized access."

It said it had not received any reports of actual misuse of information as a result of the 2014 breach.

Because it delayed informing its employees of the data breach, however, Uber was forced to pay a $20,000 penalty in a settlement with New York Attorney General Eric T. Schneiderman.

IDG Insider

PREVIOUS ARTICLE

« Microsoft adds macros lockdown feature in Office 2016 in response to increasing attacks

NEXT ARTICLE

Tesla quietly kills its largest Powerwall home battery »
author_image
IDG News Service

The IDG News Service is the world's leading daily source of global IT news, commentary and editorial resources. The News Service distributes content to IDG's more than 300 IT publications in more than 60 countries.

  • Mail

Recommended for You

Trump hits partial pause on Huawei ban, but 5G concerns persist

Phil Muncaster reports on China and beyond

FinancialForce profits from PSA investment

Martin Veitch's inside track on today’s tech trends

Future-proofing the Middle East

Keri Allan looks at the latest trends and technologies

Poll

Do you think your smartphone is making you a workaholic?