1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Email List Value & Bug bounty

Discussion in 'Making Money' started by Kainan, Nov 14, 2016.

Tags:
  1. Kainan

    Kainan Newbie

    Joined:
    Nov 14, 2016
    Messages:
    2
    Likes Received:
    0
    Gender:
    Male
    Hello everyone!

    I recently stumbled upon a list of around 1 million valid, current, active email addresses, all used to login to facebook. this list is seemingly growing around 0.3-2% per day.

    The list seems to be comprised of almost entirely Canadian residents.



    My question is as follows:

    What is an email list like this worth?

    Facebook pays an average of 4000$ on valid bug bounties. Would facebook care enough to pay a decent/any bounty for a vulnerability like this?
     
  2. tasburrfoot

    tasburrfoot Regular Member

    Joined:
    Dec 16, 2008
    Messages:
    323
    Likes Received:
    152
    You would have to ask Facebook that question.

    1mill Canadian active emails could be good though.
     
  3. Kainan

    Kainan Newbie

    Joined:
    Nov 14, 2016
    Messages:
    2
    Likes Received:
    0
    Gender:
    Male
    Yeah, I figured asking them myself might be the best option to get a quote on that, although I'm still curious as to what 1 million active Canadian facebook users are worth, Also somewhat curious as to if anyone here has any experience with facebook's bug bounty and the rewards with it. Technically it's not a massive bug because its only 1 million users out of over a billion being affected so I'm not sure how much they will care.
     
  4. tasburrfoot

    tasburrfoot Regular Member

    Joined:
    Dec 16, 2008
    Messages:
    323
    Likes Received:
    152
    Just having the emails counts for nothing - that's not a bug.

    They only pay depending on HOW you're getting that information(scraping won't pay you shit). So you'd have to pulling that data out of their server in a way that shouldn't be happening.