You are here: Home » Beyond Business » People
Business Standard

Anand Prakash saved a billion Facebook users

People think I do this for money, but I don't. I do it because I value data privacy: Anand Prakash

Topics
Anand Prakash,facebook

Nikita Puri 

Anand Prakash saved a billion Facebook users

Throwing a backpack casually over a table in a coffee house, Anand Prakash is completely in sync with his newfound popularity. "Ask me your questions," says the 22-year-old who agrees that he is getting used to interviews.

Bengaluru-based Prakash's name attracted attention after his blog post started seeing traction. Prakash wrote about how he had found a "simple vulnerability" on Facebook, for which the networking portal gave him a bounty of $15,000.

But this wasn't the first time that Prakash, a security engineer at Flipkart, was rewarded for finding a bug. He has spotted 90 bugs for Facebook alone and about 30 for Twitter. Those who have given him bounties in the past for reporting security vulnerabilities include global web giants such as Google, Red Hat, Dropbox, Adobe, eBay and PayPal.

What was alarming about this particular bug was that it instantly allowed Prakash access to accounts of the billion users Facebook has - credit and debit card details, personal photos and more. Prakash's friend and colleague Ankur Bhargava, also a security analyst, explains that Prakash got the bounty not for the bug itself, but because of the severe consequences that it could have.

"If this bug was sold in the grey market where hackers could have exploited it, Anand could have easily made millions of dollars," says Bhargava. "He could have earned easy money, but he chose not to and waited till Facebook fixed the bug before making the bug public." Similarly, when Prakash found a bug on Zomato and had access to all of its user accounts, he reported it straight to Zomato. There was no bounty for this one.

"think I do this for money, but I don't. I do it because I value data privacy," says Prakash. His parents, back home in Rajasthan, do not understand his work, but just know he has grown to spend a lot of time with computers now.

Once an intern with the cyber crime cell of the Gurgaon Police, Prakash recalls seeing young girls walking into the police station to report harassment. "It was so disturbing to see them in tears. The main issue was of their private data being leaked. It was all happening in real time and I realised the importance of data security measures," he says.

Prakash's interest in website security dates back to pre-Facebook days in India, the days when Orkut was all the rage. "A friend bet that I couldn't hack into his account; I didn't even know how these things worked, so I just started looking things up," he says. He went on to win the bet.

"Anand has found a lot of cool bugs on different websites; it's his perspective and attitude towards things that makes him stand out against the rest. Hacking is a technique, but how you break things down and the way you think about it also matters," says Bhargava.

Prakash doesn't check in on Facebook, no matter where he goes, has no (private) messages online, or even a display picture on WhatsApp - Prakash is solely on social media to find and fix security vulnerabilities. "I never store my card details online, either - it's just not safe," he says.

In the days to come, Prakash has the tough task of sifting through his social media accounts. The morning after he first blogged about finding this particular bug, he had 500 new followers on Twitter and had hundreds of messages waiting for him on Facebook. Most of these were requests from those who wanted Prakash to hack into their girlfriends' accounts.

Happy to be at Flipkart "because it's a really cool and chilled-out place to work," Prakash is also excited about what the future holds as he dreams of going the entrepreneurial way soon.

Dear Reader,


Business Standard has always strived hard to provide up-to-date information and commentary on developments that are of interest to you and have wider political and economic implications for the country and the world. Your encouragement and constant feedback on how to improve our offering have only made our resolve and commitment to these ideals stronger. Even during these difficult times arising out of Covid-19, we continue to remain committed to keeping you informed and updated with credible news, authoritative views and incisive commentary on topical issues of relevance.
We, however, have a request.

As we battle the economic impact of the pandemic, we need your support even more, so that we can continue to offer you more quality content. Our subscription model has seen an encouraging response from many of you, who have subscribed to our online content. More subscription to our online content can only help us achieve the goals of offering you even better and more relevant content. We believe in free, fair and credible journalism. Your support through more subscriptions can help us practise the journalism to which we are committed.

Support quality journalism and subscribe to Business Standard.

Digital Editor

First Published: Sat, March 19 2016. 00:19 IST
RECOMMENDED FOR YOU
.