Ethical hackers exposed more than 60 cybersecurity holes in an enterprise system used by millions of Defense Department employees to organize travel plans.
The vulnerabilities within the Defense Travel System were uncovered during the Pentagon’s fifth bug bounty program, Hack the DTS, which ran from April 1 to April 29.
The 19 participants won nearly $80,000 in bounties after spotting 65 unique bugs, 28 of which were deemed highly severe or critical. This included eight vulnerabilities worth $5,000 a piece.
“Securing sensitive information for millions of government employees and contractors is no easy task,” said Reina Staley, chief of staff and co-founder of the Defense Digital Service, in a statement. “No system is infallible, and this assessment was the first time we employed a crowd-sourced approach to improve the security aspect of DTS.”