AT&T is launching a new public bug bounty program on the HackerOne platform. This program will allow security researchers to report security bugs to AT &T in order to receive a monetary reward. The average bounty paid is currently at $150, with the highest being $750. The payouts for reported bugs are: critical, high, critical, low, high and low. AT&t has not shared what types of bugs fit into each classification. The criteria used to determine the payout for a vulnerability is solely at the discretion of the company.
Source: https://www.bleepingcomputer.com/news/security/atandt-launches-public-bug-bounty-program-on-hackerone/