Tags: paypal | bug | reward | teen

PayPal Bug Reward a No-Go After Teen Finds Security Vulnerability

Tuesday, 28 May 2013 05:27 PM

By Morgan Chilson

  Comment  |
   Contact  |
  Print   |
    A   A  
  Copy Shortlink
A 17-year-old German student found a significant security vulnerability on PayPal’s website, and when he revealed the issue to the company, expected to be rewarded.

But PayPal refused to pay Robert Kugler a Bug Bounty, telling him he was too young to participate in the company’s program that rewards people who find glitches in the system. TechWeek Europe reported that Paypal defended its actions in not paying the bounty because of Kugler’s age and because the bug had already been found.

Urgent: Is Obama Telling the Truth on IRS, Benghazi Scandals?

In an email to TechWeek Europe, the company spokesperson said, “While we appreciate Mr. Kugler’s contribution to PayPal’s Bug Bounty Program, we can confirm that the cross-scripting vulnerability he identified was already discovered by another security researcher and Mr. Kugler is ineligible to participate in the program since he is under 18 years old. We are working quickly to fix the cross-scripting issue, and we have not found any evidence at this time that our customers’ information has been compromised by this vulnerability."

Many companies like PayPal, Google and Facebook pay computer professionals a reward for finding vulnerabilities on their websites in an effort to avoid hacking and other security issues.

Kugler is listed on Microsoft’s website as a security researcher, and PCWorld magazine reported that he received $1,500 for finding vulnerabilities on Mozilla last year and $3,000 earlier this year for a different issue.

The German youth would like PayPal to at least send him documentation that he found the bug so he can use it in a job application.

PayPal’s refusal to pay Kugler has garnered some harsh headlines – “PayPal Shafts Teenager Out of Bug Bounty Award,” from Hothardware.com – and generated chatter on Reddit and other social sites.

Bug bounties are a good way for computer security researchers to make some extra cash. Websites like BugCrowd.com host lists of bug programs that pay for finding vulnerabilities.

It can be a lucrative venture for security researchers who are good at what they do. Facebook pays $500 if someone finds a “qualifying” bug; Google pays $100 and up to $20,000 for the really extreme issues.

Urgent: Is Obamacare Hurting Your Wallet? Vote in Poll

Related stories:

Facebook Says It Was the Target of Sophisticated Hacking Attack

EBay Says PayPal on Track to Reach 2 Million Stores in 2013

© 2014 Newsmax. All rights reserved.

  Comment  |
   Contact  |
  Print   |
  Copy Shortlink
Send me more news as it happens.
Get me on The Wire
Send me more news as it happens.
Around the Web
Join the Newsmax Community
Please review Community Guidelines before posting a comment.
>> Register to share your comments with the community.
>> Login if you are already a member.
blog comments powered by Disqus
Zip Code:
Privacy: We never share your email.
Follow Newsmax
Like us
on Facebook
Follow us
on Twitter
Add us
on Google Plus
You May Also Like

Jaycee Chan, Jackie's Son, Faces Formal Drugs Offense in China

Monday, 22 Dec 2014 10:39 AM

Jaycee Chan, son of kung fu movie star Jackie Chan, has been formally charged with a drugs offense, meaning he is almost . . .

Gun Range Billboard Has Santa Claus Toting Automatic Weapon

Monday, 22 Dec 2014 10:21 AM

A California gun range has raised eyebrows with a billboard showing Santa Claus posed with an automatic weapon, but the  . . .

Raymond James Lightning Strike Injures Fans at Tampa Bay Game

Monday, 22 Dec 2014 09:34 AM

A lightning strike at Tampa's Raymond James Stadium's parking lot near the end of the NFL game between the Green Bay Pac . . .

Top Stories

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

America's News Page
©  Newsmax Media, Inc.
All Rights Reserved