Security Researcher Earns $20,000 for Uncovering Major Facebook Bug

A British security researcher recently uncovered a bug allowing him to take over someone else's Facebook account via text message, a vulnerability that could have compromised millions of profiles. The researcher reported it to Facebook and earned a $20,000 reward from the company

Jack Whitton, an application security engineer who also works as a security researcher in his spare time, discovered the bug on May 23. Whitton found that he could trick Facebook into sending him a password reset code for another user's account, potentially allowing him to hijack the account of anyone who had a profile linked to their cellphone number. He immediately reported the bug to Facebook, and it was fixed five days later