Tuesday, January 14, 2025
HomeSecurity NewsFacebook Launches Data Abuse Bounty Program With rewards Up to $40,000

Facebook Launches Data Abuse Bounty Program With rewards Up to $40,000

Published on

Facebook launches data Abuse Bounty Program that rewards researchers who report the abuse of data by app developers. The reward’s based on just like any other bug Bounty Program. For researchers who notifies high severity bug’s, they offer rewards up to $40,000 as a maximum payout.

This new Data Abuse Bounty Program as a part of our efforts to more quickly uncover potential abuse of people’s information,” said Collin Greene, Head of Product Security.

The move come’s after Overall 87 Million affected Facebook Users has been identified and most of them in the US but at least 1 million Facebook Users in the UK and More than 1 Million Facebook Users affected in Indonesia, the Philippines alone.

Data Abuse Bounty

Facebook said the main goal of this program is to protect users by fixing security vulnerabilities and to restrict the user data collected by app developers.

Bad actors can maliciously collect and abuse Facebook user data even when no security vulnerabilities exist. This program is intended to protect against that abuse.”

Mozilla launched a new Firefox add-on Facebook container that opens Facebook in an isolated blue screen container that cut’s of the tracking the data.

Mark Zuckerberg says lawmakers that we didn’t do enough to prevent these tools from being used for harm. It was my mistake, and I’m sorry.

The minimum reward starting from $500 and the maximum reward is $40,000 and it will be determined based on a variety of factors, including (but not limited to) impact, data exposure, number of affected users and other factors.

To report a potential data Abuse Bounty facebook set’s minimum criteria “10,000 or more Facebook users affected is our initial minimum for rewarding issues”.

Zuckerberg said to House committee that We’re in the process of investigating every app that had access to a large amount of information before we locked down our platform in 2014. If we detect suspicious activity we’ll ban them and tell everyone affected.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Google’s “Sign in with Google” Flaw Exposes Millions of Users’ Details

A critical flaw in Google's "Sign in with Google" authentication system has left millions...

Hackers Attacking Internet Connected Fortinet Firewalls Using Zero-Day Vulnerability

A widespread campaign targeting Fortinet FortiGate firewall devices with exposed management interfaces on the...

Critical macOS Vulnerability Lets Hackers to Bypass Apple’s System Integrity Protection

Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass...

CISA Released A Free Guide to Enhance OT Product Security

To address rising cyber threats targeting critical infrastructure, the U.S. Cybersecurity and Infrastructure Security...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

LegionLoader Abusing Chrome Extensions To Deliver Infostealer Malware

LegionLoader, a C/C++ downloader malware, first seen in 2019, delivers payloads like malicious Chrome...

North Korean Hackers Stolen $2.2 Billion From Crypto Platforms In 2024

Cryptocurrency hacking incidents in 2024 surged 21.07% YoY to $2.2 billion, with 303 breaches...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...