Whitehat Alert Security Program

Private Internet Access offers a bug bounty program to make our products safer and to reward whitehat security researchers for alerting us to potentially problematic bugs in our software.

Safe with Whitehat Security Alerts

World-Class Security

While PIA VPN is thoroughly vetted for any bugs and vulnerabilities, there are extremely rare instances where things slip through the cracks.

Open source software

Software That’s Always Improving

Because our software is open-source and publicly available in order to provide transparency for our users, anyone may inspect it and potentially discover a bug. If you do, we implore you to alert us. Please follow “whitehat” practices and responsibly disclose your discovery to PIA. We prioritize the investigation of reports and harden our systems if the discovery is legitimate.

Rewards For Responsible Disclosure

We offer an anonymous monetary prize — of an amount set at our absolute discretion — paid in Bitcoin to an address of your choosing — to reward your fair disclosure of security vulnerabilities or bugs in PIA software. If you would like to receive direct or pseudonymous recognition for your efforts, we may be able to arrange to interview you for our blog. 

rewards for disclosure
Reward examples

Reward Examples?

Some examples of potential rewards include thousands of US dollars for confirmed, unique SHELL access or SQL access like vulnerabilities.

Report Examination

Each report will be examined on a case by case basis for legitimacy and severity. Note that at this time, forum software vulnerabilities are not eligible for this program; we encourage you to report them directly to the Vanilla Forums developers.

Report check

In addition, if you provide us time to respond to your discovery and do not damage our systems, we will not pursue any criminal charges.

Please email [email protected] to report any discoveries.