Reporting ChatGPT bugs could make you a lot of money

ChatGPT logo on phone sitting on laptop with OpenAI logo
(Image credit: Shutterstock)

If you love the Mandalorian and ChatGPT, this could be the opportunity for you. OpenAI has issued an open challenge to find bugs in ChatGPT, via its Bug Bounty Program with up to a $20,000 reward on offer for the biggest discoveries. Hunting down bugs and making money? This is the way. 

ChatGPT has had its fair share of problems but it’s improving all the time, and now OpenAI has asked “the global community of security researchers, ethical hackers, and technology enthusiasts” to push it to the limit and, hopefully, disocver any vulnerabilities in the process. 

After all, if Chatbots such as ChatGPT and Google Bard are going to be as big as some believe, then they will need to be trusted and watertight.

While only the biggest possible finds will net you $20,000, any smaller security risks you spot could still bring in a reward of between $200 and $6500 per vulnerability. 

What kind of bugs are eligible? 

On the Bugcrowd page for the program, OpenAI has detailed what kind of finds it deems worthy of a financial reward, and unfortunately just getting the AI to say something silly doesn’t count. 

OpenAI has explicitly stated that “getting the model to say bad things to you” and “Getting the model to tell you how to do bad things” and answer banned questions through the likes of DAN will not be worth a reward. 

The company has also stated that: “Intentional access to data or information not belonging to you beyond the minimum necessary to demonstrate the vulnerability.” and other methods that impact the mass user experience are also out of bounds.

For the sake of security, only bugs reported from users’ own accounts will be valid but there is plenty for curious minds to sink their teeth into. With OpenAI stating “ChatGPT is in scope, including ChatGPT Plus, logins, subscriptions, OpenAI-created plugins (e.g. Browsing, Code Interpreter), plugins you create yourself, and all other functionality.” The Open AI API is also a valid target as well as the company’s own website and developer playground. 

If chatbots are to change the way we use the internet, they will need to be able to survive the ingenuity of users determined to break it. Are you up to the challenge?

More from Tom's Guide

Andy is a freelance writer with a passion for streaming and VPNs. Based in the U.K., he originally cut his teeth at Tom's Guide as a Trainee Writer before moving to cover all things tech and streaming at T3. Outside of work, his passions are movies, football (soccer) and Formula 1. He is also something of an amateur screenwriter having studied creative writing at university.

Read more
ChatGPT logo on a smartphone screen being held outside
ChatGPT just got OpenAI's most powerful upgrade yet — meet 'Deep Research'
Copilot, Gemini, Claude
I test AI chatbots for a living and these are the best ChatGPT alternatives
DeepSeek logo on phone
Is DeepSeek a national security threat? I asked ChatGPT, Gemini, Perplexity and DeepSeek itself
The DeepSeek logo seen on the silhouette of a smartphone
I have ChatGPT Plus — but here's 7 reasons why I use DeepSeek instead
ChatGPT on iPhone
ChatGPT went down — full timeline as major outage hit users worldwide
Grok vs Chat GPT logos
I just tested ChatGPT deep research vs Grok-3 with 5 prompts — here's the winner
Latest in ChatGPT
ChatGPT app on iPhone
I just tested ChatGPT-4.5 with 5 prompts — the good, the bad and the weird
ChatGPT app icon on mobile device
ChatGPT 4.5 — 5 big upgrades you need to know
OpenAI logo
OpenAI ChatGPT-4.5 is here and it's the most human-like chatbot yet — here's how to try it
ChatGPT app icon on mobile device
ChatGPT Plus just got a huge deep research upgrade — here's how to try it now
A person logging into LinkedIn on their phone and laptop
Looking for a job? — 7 prompts to use ChatGPT o3-mini as a job search assistant
OpenAI logo on phone sitting on top of laptop keyboard
OpenAI’s ‘o3-mini’ is free for all users — what you need to know
Latest in News
Samsung Galaxy S25 Edge back
Samsung Galaxy S25 Edge price comes into focus with latest leak
Apple iPhone 16 Plus Review.
Apple just released an emergency security update for a flaw used in an ‘extremely sophisticated attack’ — update your devices right now
NYTimes Connections
NYT Connections today hints and answers — Wednesday, March 12 (#640)
Jean Smart as Deborah Vance and Hannah Einbinder as Ava Daniels in Hacks
Max reveals 'Hacks' season 4 release date and trailer — here's when it's coming
Google Pixel 5 review
Google Pixel 10 lineup leaked in new renderings — here's what they look like
A person trying to set up a new Wi-Fi router
Thousands of TP-Link routers have been infected by a botnet to spread malware