Bugcrowd has partnered with Western Union to launch the company’s public bug bounty program this past week.
Rewards range from $100 to $5,000, according to a press release on the program. Western Union’s global sites are up for bug spotting, including its French and Australian homepages. So far, 68 bugs have been rewarded.
Researchers must also receive explicit permission to disclose the results of a submission, Bugcrowd wrote on its program page. Not eligible for a bounty are banner disclosure on common/public services, clickjacking and issues only exploitable through clickjacking, and disclosure of known public files or directories.
Western Union had one of its databases breached nearly eight years ago. Twenty thousand customers had their names, addresses, phone numbers and credit card information stolen in the attack.