Passengers check-in for United Continental flights in Los Angeles.
Photograph by Patrick T. Fallon — Bloomberg via Getty Images
By Melanie Lieberman and Travel + Leisure
September 20, 2016

Georgia Institute of Technology student Ryan Pickren used to get in trouble for hacking websites—in 2015, he hacked rival University of Georgia’s online calendar and almost spent 15 years in prison.

But now he’s being rewarded for his skills. Pickren participated in United Airlines’ Bug Bounty Program and earned 15 million United miles. At two cents a mile, that’s about $300,000 worth.

United’s white hat hacking program invites computer experts to legally hack their systems, paying up to 1 million United miles to hackers who can reveal major security flaws. At that rate, we can presume Pickren reported as many as 15 severe bugs.

The Points Guy noted that it’s potentially alarming that United’s systems “were so porous.”

Get Data Sheet, Fortune’s daily newsletter about technology

Pickren isn’t the only hacker who has recently discovered issues with the airline’s website: Last month, 19-year-old security researcher Olivier Beg earned 1 million frequent flyer miles by exposing 20 medium and low-severity issues (worth 250,000 and 50,000 frequent flyer miles, respectively).

The only drawback to all those free miles? Taxes. Having earned $300,000 of taxable income from the Bug Bounty Program, Pickren could owe the Internal Revenue Service tens of thousands of dollars.

More from T+L:
The Cheapest Places to Travel for Each Month of the Year
America’s Rudest Cities
The 100 Best Hotels in the World

He’s not keeping all of the miles, though: Pickren donated five million of them to Georgia Tech.

This article previously appeared on


You May Like