Sign up for The Paypers newsletter Follow The Paypers on LinkedIn Follow The Paypers on Twitter Follow The Paypers on Facebook
The Paypers, paypers, Insight in payments, News, Reports, Events
 advertisement
Digital Identity, Security & Online Fraud

Hyatt rolls out public bug bounty program on HackerOne

Friday 11 January 2019 | 10:22 AM CET

Hyatt Hotels Corporation has announced the release of their public bug bounty program on HackerOne.

As part of this program, researchers can search for vulnerabilities on hyatt.com, www.hyatt.com, world.hyatt.com, and the Hyatt Hotels Mobile Applications for Android and iOS. For vulnerabilities found under these assets, Hyatt will pay between USD 300 to USD 4,000 USD depending on the severity of the vulnerability.

Hyatt's bug bounty program was originally launched as a private invite only program on HackerOne, which received 14 reports and paid out USD 5,600 in bounties. Based on the positive results with the program, Hyatt decided to open the program up to everyone, according to BleepingComputer.

In 2017 the the company’s cyber security team discovered signs of unauthorized access to payment card information from cards manually entered or swiped at the front desk of certain Hyatt-managed locations between March 18, 2017 and July 2, 2017. The incident affected payment card information such as cardholder name, card number, expiration date and internal verification code.

More: Link
 advertisement
 advertisement
 advertisement
 advertisement