Tags: paypal | bug | reward | teen

PayPal Bug Reward a No-Go After Teen Finds Security Vulnerability

Tuesday, 28 May 2013 05:27 PM

By Morgan Chilson

  Comment  |
   Contact Us  |
|  A   A  
  Copy Shortlink
A 17-year-old German student found a significant security vulnerability on PayPal’s website, and when he revealed the issue to the company, expected to be rewarded.

But PayPal refused to pay Robert Kugler a Bug Bounty, telling him he was too young to participate in the company’s program that rewards people who find glitches in the system. TechWeek Europe reported that Paypal defended its actions in not paying the bounty because of Kugler’s age and because the bug had already been found.

Urgent: Is Obama Telling the Truth on IRS, Benghazi Scandals?

In an email to TechWeek Europe, the company spokesperson said, “While we appreciate Mr. Kugler’s contribution to PayPal’s Bug Bounty Program, we can confirm that the cross-scripting vulnerability he identified was already discovered by another security researcher and Mr. Kugler is ineligible to participate in the program since he is under 18 years old. We are working quickly to fix the cross-scripting issue, and we have not found any evidence at this time that our customers’ information has been compromised by this vulnerability."

Many companies like PayPal, Google and Facebook pay computer professionals a reward for finding vulnerabilities on their websites in an effort to avoid hacking and other security issues.

Kugler is listed on Microsoft’s website as a security researcher, and PCWorld magazine reported that he received $1,500 for finding vulnerabilities on Mozilla last year and $3,000 earlier this year for a different issue.

The German youth would like PayPal to at least send him documentation that he found the bug so he can use it in a job application.

PayPal’s refusal to pay Kugler has garnered some harsh headlines – “PayPal Shafts Teenager Out of Bug Bounty Award,” from Hothardware.com – and generated chatter on Reddit and other social sites.

Bug bounties are a good way for computer security researchers to make some extra cash. Websites like BugCrowd.com host lists of bug programs that pay for finding vulnerabilities.

It can be a lucrative venture for security researchers who are good at what they do. Facebook pays $500 if someone finds a “qualifying” bug; Google pays $100 and up to $20,000 for the really extreme issues.

Urgent: Is Obamacare Hurting Your Wallet? Vote in Poll

Related stories:

Facebook Says It Was the Target of Sophisticated Hacking Attack

EBay Says PayPal on Track to Reach 2 Million Stores in 2013

© 2014 Newsmax. All rights reserved.

  Comment  |
   Contact Us  |
  Copy Shortlink
Send me more news as it happens.
Get me on The Wire
Send me more news as it happens.
Around the Web
Join the Newsmax Community
Please review Community Guidelines before posting a comment.
>> Register to share your comments with the community.
>> Login if you are already a member.
blog comments powered by Disqus
Zip Code:
Privacy: We never share your email.
Hot Topics
Follow Newsmax
Like us
on Facebook
Follow us
on Twitter
Add us
on Google Plus
You May Also Like

Tapeworm in Brain of Man for 4 Years Removed by Surgeons

Saturday, 22 Nov 2014 17:33 PM

A tapeworm that not only lived in a man's brain for four years but traveled from one side of the brain to the other has  . . .

Window Washer's 11-Story Fall Ends Atop Car - He Survived!

Saturday, 22 Nov 2014 17:14 PM

A window washer survived with critical injuries after falling 11 stories from the roof of a San Francisco bank building  . . .

Georgia O'Keefe $44 Million Painting Most for Woman Artist

Saturday, 22 Nov 2014 16:49 PM

A new world auction record for women artists was set when a painting by late American artist Georgia O'Keeffe sold for m . . .

Top Stories

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

America's News Page
©  Newsmax Media, Inc.
All Rights Reserved