Call it an insult to their users. It is. After the debacle they’ve had over emails, Yahoo has decided to compensate you with a $12.50 discount voucher.
Google, Microsoft, Facebook, and any other company serving millions of customers with online services, rely on security researchers to report vulnerabilities. They even encourage such reporting by offering bug bounties that can be worth thousands of dollars. Yahoo! is another company that needs to keep on top of vulnerabilities, but it has recently been discovered their rewards leave a lot to be desired.
High-Tech Bridge, an information security company, decided to focus on Yahoo! and its services to find out how quickly they responded to vulnerability reports. In total, High-Tech discovered four vulnerabilities, with Yahoo! responding to each within 24-48 hours, which isnâ€™t bad. What is bad, however, is the reward on offer for finding such a vulnerability.