Meta expands bug bounty programme to include data scraping

Meta expands bug bounty programme to include data scraping.

Meta expands bug bounty programme to include data scraping.

Meta is expanding its bug bounty programme to reward valid reports of scraping bugs on its platform.

(Sign up to our Technology newsletter, Today's Cache, for insights on emerging themes at the intersection of technology, business and policy. Click here to subscribe for free.)

The company, formerly known as Facebook, said it will reward researchers who report data scraping even if the data they target is public.

It will reward reports of unprotected or openly public databases, not previously reported and containing at least 100,000 unique Facebook user records with personally identifiable information (PII).

If the user PII was scraped and is now available online on a non-Meta site, the company said it will work to take appropriate measures including working with the relevant entity to remove the dataset or seeking legal means to help ensure the issue is addressed.

Meta wants to find bugs that enable attackers to bypass scraping limitations to access data at a greater scale than the product intended.

According to the social media giant, it has awarded over $2.3 million to researchers from more than 46 countries this year as part of its bug bounty programme.

With this new programme, Meta plans to quickly identify and counter scenarios that might make scraping less costly for malicious actors to execute.

Our code of editorial values

This article is closed for comments.
Please Email the Editor

Printable version | May 16, 2022 2:24:43 am |