Hackers have earned $100 million — not from ransom, extortion, or selling exfiltrated data, but from bounties collected at HackerOne since 2013. The bounties were collected from the discovery and disclosure of more than 170,000 vulnerabilities across almost 2,000 vendor-customer programs.
According to HackerOne, bounties have increased from $30,000 paid in October 2013 to $5.9 million — including $2.6 million in a single six-day period — paid last month. The increase in bounties paid is part of an industrywide increase in bug-bounty programs. For example, competitor Bugcrowd announced it had paid $500,000 in bounties in a single week in October.
In the statement announcing the milestone, HackerOne also noted it has seen a 38% increase in weekly new registrants for its programs since the beginning of the coronavirus pandemic in February.
Read more here.