comscore Meta is offering at least $500 to engineers, researchers as part of a new bug bounty program

Meta expands bug bounty program, to reward at least $500 for data scraping discoveries

Meta expands bug bounty program to allow researchers to report on potential bugs that could enable scraping activity, as well as previously scraped data that are already there on the internet


Data scraping has been a major issue for social media and tech companies. To curb the affair, Meta formerly known as Facebook is expanding its bug bounty program and will reward researchers who discover any scraping activity. Also Read - WhatsApp Message Reactions feature tipped to get a separate notification settings menu

The company believes it to be the first to bring a bug bounty program that aims to crack down on data scraping. As the reports cite, Meta’s program has matured from a mere Facebook website to covering its web and mobile clients across all its major apps, services like Instagram, WhatsApp, Workplace, etc. Continuing its effort towards the initiative, the company notes to have been “looking to find vulnerabilities that enable attackers to bypass scraping limitations to access data at greater scale than what we initially intended.” Also Read - Meta’s Spanish language moderators describe harrowing tale of working amid pandemic

With the expansion, Meta will allow researchers to report on potential bugs that could enable scraping activity, as well as previously scraped data that are already there on the internet. Also Read - Metaverse is coming: Here’s what top tech companies are saying about it

For the unversed, data scraping online is a process of using bots to extract data from a website. As noted, it is different than other malicious activity Meta tracks as it used automated tools to accumulate personal information from users’ profiles including email addresses, phone numbers, profile photos, etc. While users often share these details on their public Facebook profiles, scrapers as Engadget points out can expose the information more widely like publishing it in searchable databases.

The report further notes that it can be difficult for the company to counter the activity given more than 500 million Facebook users’ information that was published on a forum this April, their actual data scraping already occurred a year before. The company no doubt addressed the flaw, but it was barely effective as the data was exposed online. Meta even sued some individuals for such activity.

Meta Bug Bounty program to combat data scraping: How will it benefit researchers

Meta’s expansion of the Bug Bounty program will reward researchers for finding “unprotected or openly public databases containing at least 100,000 unique Facebook user records with PII [personally identifiable information] or sensitive data (e.g. email, phone number, physical address, religious or political affiliation).” For this, the company will open up two new areas for the HackerPlus bug bounty community. Instead of usual payouts, Meta will provide the reward in the form of charity donations to nonprofits of a researcher’s choosing to ensure that the company is not incentivizing the publishing of scraping data. For reporting bugs on data scraping activity, researchers can choose between a donation or a direct payout. Each bug or dataset is eligible for at least a $500 award.

For the latest tech news across the world, latest PC and Mobile games, tips & tricks, top-notch gadget reviews of most exciting releases follow BGR India’s Facebook, Twitter, subscribe our YouTube Channel. Also follow us on  Facebook Messenger for latest updates.
  • Published Date: December 16, 2021 2:58 PM IST

new arrivals in india

Best Sellers