Florida man wins over 1 million miles for hacking United Airlines

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

MELBOURNE, Fla. — Want to fly around the world for free? Just outsmart the airline.

United Airlines recently awarded one million free frequent flyer miles to two hackers who detected and alerted the company to bugs in its software. That’s equivalent to flying from the U.S. to Europe 33 times.

Now Jordan Wiens, a Florida software vulnerability researcher, can fulfill his dream of flying around the world. Business class.

“That’d be a once in a lifetime opportunity,” he said in an interview with the Washington Post.

The airline’s “bug bounty” program, which offers rewards to hackers who alert the company to defects in its system, is becoming common practice as risks of cyber breaches grow, security experts told the Post. Such contests were initially popular among tech companies like Facebook, Twitter and Dropbox, but now similar programs have been popping up outside the tech field.

United began its program just weeks before the airline’s entire fleet was grounded due to software glitches.

Wiens didn’t intend to enter the contest, but began tinkering with the airline’s software after a friend who entered the program asked for a little advice. After a few hours, Wiens realized he was on to something.

He ended up finding two bugs, one worth one million miles and the other worth 250,000 miles. Contest rules prohibit him from giving specific details on his discoveries, Wiens said.

Finding these bugs, however, doesn’t necessarily mean the company has weak security. In fact, Wiens says, running a program like this attests to the airline’s diligence and progressive view on crowd-sourcing cybersecurity.

“I don’t think United has a bad security posture,” he said. “I think having a bug bounty program speaks to the maturity of their online presence. I hope more companies get in on it.”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s