Whitehat Alert Security Program!
Private Internet Access offers a bug bounty program to make our products safer and to reward whitehat security researchers for alerting us to potentially problematic bugs in our software.
World-Class Security
While PIA VPN is thoroughly vetted for any bugs and vulnerabilities, there are extremely rare instances where things slip through the cracks.
Software That’s Always Improving
Because our software is open-source and publicly available in order to provide transparency for our users, anyone may inspect it and potentially discover a bug. If you do, we implore you to alert us. Please follow “whitehat” practices and responsibly disclose your discovery to PIA. We prioritize the investigation of reports and harden our systems if the discovery is legitimate.
Rewards For Responsible Disclosure
We offer an anonymous monetary prize — of an amount set at our absolute discretion — paid in Bitcoin to an address of your choosing — to reward your fair disclosure of security vulnerabilities or bugs in PIA software. If you would like to receive direct or pseudonymous recognition for your efforts, we may be able to arrange to interview you for our blog.
Reward Examples?
Some examples of potential rewards include thousands of US dollars for confirmed, unique SHELL access or SQL access like vulnerabilities.
Report Examination
Each report will be examined on a case by case basis for legitimacy and severity. Note that at this time, forum software vulnerabilities are not eligible for this program; we encourage you to report them directly to the Vanilla Forums developers.
In addition, if you provide us time to respond to your discovery and do not damage our systems, we will not pursue any criminal charges.
Please email [email protected] to report any discoveries.