An American hacker discovers a sum of $249,999.99 in his account. The transfer came from the search engine giant Google – and was actually not intended for him. Returning the money turns out to be difficult indeed.
Security researcher and hacker Sam Curry suddenly had a quarter of a million US dollars too much in his account last month. Like the one among others Broadcasting station NPR reported, the whopping plus was due to just one mysterious referral from Google. The company wired the man $249,999.99 — by mistake.
Returning money to Google is proving difficult
Curry earns his money as a so-called security researcher. He tests software for its vulnerabilities and advises companies on digital security issues. In some cases, the relevant companies also offer prize money from the outset if they are informed of security gaps instead of exploiting them. Curry has actually already carried out this activity as a so-called bug bounty hunter for Google. However, the transfer to his account had no connection to a software error that he found.
Instead of spending the money or hiding it, the hacker contacted Google support and asked about it. When there was still no response after three weeks, Curry posted a screenshot of the transaction on Twitter and explained (probably with a wink) that it was okay if Google didn’t want the money back.
Curry initially has no choice but to keep the money safe. He assumes that Google will repeat the money. However, if it takes longer, he wants to at least transfer the money to another account to avoid taxes, which he would then have to pay out of his own pocket.
Google gives explanation
Finally, according to Google, it turned out that the money was transferred to Curry by mistake. In an official statement, a Google spokesman said: “(…) Paying to the wrong party is due to human error. We appreciate that the affected partner was quick to let us know and we are working to correct it.”
So Google is trying – with a little delay – to get Curry’s money back. He also noted that he was curious how often something like this happened on Google. It is interesting which systems are used so that something like this does not happen again.
Also read: Do you actually know how well Google knows you?
Can I keep wrongly transferred money?
If an incorrectly transferred amount of money arrives on the account, there are a few things to consider in Germany, too. If the money comes into the account, it can be a matter of so-called unjust enrichment. Accordingly, the incorrect amount must be repaid. If you spend the money yourself, you have to reckon with claims for reimbursement and, if necessary, a lawsuit for damages.
The usual statute of limitations for reclaims is three years. However, the deadline does not run until the end of the calendar year. Therefore, if at all, incorrectly transferred money should only be touched after the statute of limitations has expired and, of course, only if the transferor has not requested it back by then. Or you can avoid possible legal consequences from the outset and stick to the approach of hacker Sam Curry, who immediately disclosed Google’s unexpected windfall.