Don't miss out! Join the thousands of people who subscribe to our once-daily email or our free miles and points Facebook group with all the best travel news. Points With a Crew has partnered with CardRatings for our coverage of credit card products. Points With a Crew and CardRatings may receive a commission from card issuers.
Among the many ways to accrue frequent flyer miles available, hacking an airline’s website isn’t one near the top of my list. Yet this is exactly what you can earn through United’s Bug Bounty program. You can even make enough miles to have free flights for a really, really, REALLY long time. One man’s skills have actually netted him 15 million United miles(!), making him the most successful hacker (contributor?) in United’s bug bounty program.
Ryan Pickren, a Georgia Tech student, has made more miles than he can use anytime soon by hacking United Airlines’ website. Sound like a recipe for prison time? Through United’s Bug Bounty program, it’s entirely legitimate. Pickren’s participation in the program started as a hobby to earn some miles to see his girlfriend, but he kept at it after he realized how much he enjoyed finding bugs.
Pickren’s hacking wasn’t always so constructive
Ryan Pickren’s hacking has also gotten him into trouble. In 2015 he was arrested for hacking into a rival schools calendar. Although the prank he pulled was harmless, the school did press charges. The offense was a felony that could result in 15 years in prison and a $50,000 fine. Fortunately, Pickren was allowed to complete a pretrial diversion program, which allowed the charges to be dismissed. And for him to turn to better pursuits, such as bug-finding for United Airlines.
United’s Bug Bounty program allows savvy hackers to earn miles by discovering and reporting security flaws in United’s app, website, or online portals. The payout per bug discovered varies from 50,000 to 1,000,000 miles. There are a large number of terms and conditions to the program, including some attacks that are off limits. This makes for an interesting situation where there could be a code-injection security bug, but you have to discover it without actually injecting code into one of United’s programs.
So what has Ryan done with the 15 million miles he earned by finding bugs? For one, he has donated 5 million to his alma mater. Beyond that, he has a multitude of other ways to use them (SEE: 6 ways to spend your million United miles).
Featured image via Wikimedia Commons under CC 4.0 license.
Points With a Crew has partnered with CardRatings for our coverage of credit card products. Points With a Crew and CardRatings may receive a commission from card issuers. Other links on this page may also pay me a commission - as always, thanks for your support if you use them