Google says it accidentally paid hacker a handsome amount
Sam Curry, a self-proclaimed hacker, says he mysteriously received $249,999.99 from Google last month and had no idea why the tech giant just handed over a quarter of a million dollars.
“It’s been just over 3 weeks since Google randomly sent me $249,999 and I still haven’t had a response for the support ticket. Is there a way to contact @Google”, Curry tweeted on Tuesday, along with a screenshot of the transaction. He added: “It’s okay if you don’t want it back…”
Curry, a security engineer at Yuga Labs, told NPR that he sometimes does bug hunting for companies like Google. Then people get paid to help companies and other organizations find vulnerabilities in their software. But he says he was unable to find a link between bounty bug hunting for Google and the amount debited from his bank account.
The money was at Curry’s disposal, but he said he was keeping it just in case Google tried to get it back. He said if Google took too long to respond to him, he might have to put the money in a separate account to avoid paying taxes on it.
Google says it accidentally paid hacker a handsome amount
Ultimately, Curry suspected that Google probably accidentally paid him. It turned out he was right. In a statement to NPR, a Google spokesperson said, “Our team recently made a payment to the wrong party due to human error. We appreciate the affected partner promptly letting us know and we’re working to fix that.”
The company wants the money back, the spokesperson said. For his part, Curry said he’s curious how often this happens at Google and what systems the company has in place to check for similar bugs. He said he still had the money in his account.
Congratulations to the first cohort of our Image Equity Fellowship. 20 Fellows were selected from a pool of 1400+ applicants, with portfolios that uplift and represent communities of color. pic.twitter.com/V0xDEVpcwH
— Google (@Google) September 16, 2022
