OpenAI has raised its maximum bug bounty reward from $20,000 to $100,000 for major security flaws.
The company says this increase is meant to encourage researchers to find and report serious vulnerabilities that could impact its systems.
OpenAI’s services are used by 400 million people worldwide, including businesses and governments. The company stated, “We are significantly increasing the maximum bounty payout for exceptional and differentiated critical findings to $100,000,” highlighting its commitment to security and user protection.
To further motivate security researchers, OpenAI is also running special promotions with extra bonuses for certain types of vulnerabilities. For example, until April 30, researchers who find Insecure Direct Object Reference (IDOR) issues in OpenAI’s infrastructure can earn up to $13,000 in rewards.
OpenAI first introduced its bug bounty program in April 2023 through Bugcrowd, offering up to $20,000 for reported security flaws. However, some issues, such as model safety concerns, jailbreaks, and ways to bypass ChatGPT’s safeguards, are not included in the program.
The bug bounty initiative was launched shortly after OpenAI experienced a data leak that exposed chat history and partial payment details of some ChatGPT Plus subscribers due to a bug in its system.
