Apple may be giving its customers peace of mind with a newly released fix for its FaceTime security bug, but one user is getting something more: money for discovering the vulnerability.
Grant Thompson, a 14-year-old in Arizona, stumbled upon the hack last month when he was calling a friend to play the video game “Fortnite.” When his friend did not pick up the FaceTime call, he added a second friend to the group call, which caused the original call to “pick up” even though his friend did not answer, according to multiple reports. The security flaw let Grant eavesdrop on the other line. He re-created the hack several times with his friends and his mom to confirm the existence of the bug, he said.
Now Apple is rewarding him for his discovery. The company said it would pay the Thompson family for reporting the bug and will also make a gift toward Grant’s education. Apple did not say how much it would give.
Appearing with his mom on CNBC this week, Grant said he was surprised to find the flaw before Apple did, adding that he would remain an iPhone user despite the bug. “In general, I think that Apple tries to keep our privacy safe, and I respect that,” he said.
He was also asked whether his popularity at school has changed since Apple credited him with discovering and reporting the bug. “Quite a few of my friends know of it and think it’s pretty cool,” he said.
Grant’s mom, Michele Thompson, said during the same interview that she called and emailed Apple to alert them about the bug days before its existence was widely reported in the news media.
Thompson did not respond to requests for comment.
“We again apologize to our customers and we thank them for their patience. In addition to addressing the bug that was reported, our team conducted a thorough security audit of the FaceTime service and made additional updates to both the FaceTime app and server to improve security,” Apple said in a statement.
Even as Apple rolls out a security fix for consumers, New York Attorney General Letitia James is investigating the company’s response to the FaceTime bug.
“This FaceTime breach is a serious threat to the security and privacy of the millions of New Yorkers who have put their trust in Apple and its products over the years,” James said in a news release last month.
James appeared to implicitly reference the Thompson family, noting that reports indicated the existence of the bug were flagged to Apple “more than a week before it was shared widely with the media and the company took action,” according to the release.
James said her office will examine “Apple’s failure to warn consumers about the FaceTime bug and slow response to addressing the issue.”