Did you know OpenAI Shares Fivefold Rise in Bug Bounty Rewards for Exceptional Security Vulnerabilities 

The makers of ChatGPT  just shared a fivefold rise in the maximum limit for bug bounty rewards for the most exceptional and differentiated security vulnerabilities. These could range from $20,000 to $100,000.

OpenAI says that today, its services have a user base of more than 400M people around the world. So that’s how many people tune in each week to use the platform, ranging from companies to governments.

This is why they want to be at the top of the game and ensure anyone claiming to find some critical vulnerabilities gets a great share as compensation. This rise is proof of the commitment towards high-impact security reports that assist the company in protecting and ensuring trust throughout various systems.

It’s a part of the ongoing efforts to further expand the bounty-based programs and reward all for the high-impact security studies it conducts. So bigger bounty bonuses will serve as incentives within certain domains for a limited time period.

Therefore, researchers can make the most of these promotional periods and submit reports that they feel could be eligible for the high reward. Before, the maximal threshold stood at $13,000. Therefore, seeing this go up massively is an indicator of how keen the company is to catch bugs, flaws, and security loopholes that might be missed by its own team of experts.

The firm shared how the reward program will not include issues of safety and privacy linked to its models. It won’t allow deceptive measures like tricking chatbots into ignoring guardrails implemented by engineers in the company.

We saw the company share the bug bounty initiative a month after a major payment data leak arose for ChatGPT. The company blamed the bug inside the platform’s Redis library, which is open-sourced for clients.

As shared in the past, the bug resulted in the ChatGPT service exposing chat questions and personal information for nearly 1.2% of all subscribers having ChatGPT Plus. As a result, a lot of sensitive details like credit card numbers, home addresses, email addresses, and more were shared.

This led many to believe that the company didn’t have the right security and privacy standards in place to handle such a huge database for clients. Therefore, it was certainly an eye-opener that a lot more needed to be done to stay on top of the tech game.