Plenty of tech companies are offering very generous rewards to those who manage to find security loopholes in their networks — just ask 10-year-old Jani, who isn’t even old enough to have an Instagram account but still managed to hack the social media network. His reward for doing so? A cool $10,000.
The Finnish boy uncovered a flaw in the network that essentially allowed him to delete any comment on Instagram. “I would have been able to eliminate anyone, even Justin Bieber,” he said in an interview with Finnish publication Iltalehti.
Once Jani discovered the flaw, he made Facebook, Instagram’s parent, aware of his findings simply by emailing the company. He even verified the findings by deleting a comment Facebook made using a test account. The security flaw was eventually resolved in February, and Facebook told Jani in March that the problem had been fixed and gave him his reward.
Jani himself hopes to one day be a security expert, but you could argue that he already is one. Until he enters the professional world, however, it looks like he has plenty of cash to burn — he plans on buying a new bike, football gear, and he’s even nice enough to buy new computers for his two brothers.
Jani isn’t the only young person to take part in Facebook’s bounty program, although he is the youngest so far. Previously, the youngest person to get money through the program was 13, according to Facebook. As of February, Facebook has paid out a total of $4.3 million in rewards to more than 800 security researchers. Facebook added Instagram to the program in 2014.
Of course, Facebook isn’t the only company to offer a bounty program — Google, Microsoft, and other companies do as well. The idea is that the cost of paying security researchers is nothing compared to the cost of cleaning up a large-scale security disaster. Imagine the fallout of a hacker deleting all of Justin Bieber’s Instagram comments.