US airline United has rewarded two hackers who spotted security holes in its website with a million free flight miles each.
The flight provider operates a “bug bounty” scheme that rewards hackers for privately disclosing security flaws rather than sharing them online.
It has given the maximum reward of a million flight miles, worth dozens of trips, to two people.
One security expert said the scheme was a big step forward for online security.
“Schemes like this reward hackers for finding and disclosing problems in the right way. That makes the internet safer for all of us,” said security consultant Dr Jessica Barker.
“Bug bounties are common in tech companies as they tend to understand online security a bit more, but other industries are catching up,” said Dr Barker.