Uber's list of top 50 security researchers who participated in its year-old bug bounty program features six Indians. The year-old initiative has had a great response, with the ride-hailing app giving out over $860,000 in cash rewards to the ethical hackers.
Uber has published a blog post thanking over 500 hackers who participated in the program.
"Uber's bug bounty program works with security researchers all over the world to fix bugs, even when they don't directly impact our users. We appreciate the ongoing contributions of the six researchers in India," the post stated.
There are researchers from over 26 countries in the top-50 list. Details of all the hackers are given at Uber's HackerOne page.
Parth Malhotra was among the top researchers in the past year, having bagged a bounty of over $38,040 for fixing bugs, including one for a complete account takeover.
"I found some critical bugs, such as an Uber account takeover that could impact users," Anand Prakash, another Indian researcher in the list, told HuffPost India. "In another incident user A was able to see trip details of User B. Then, there was restaurant owners' data leak, such as email address, phone number, address, and the free ride bug." In all, Prakash received $13,600 from Uber for his services.
The total reward amount for all six Indian hackers added up to $76,000.
Over the last few years, Indian security researchers have had a lucrative run with bug hacking programs run by various companies. Prakash was among those at the very top, with a ₹2.2 crore bounty.