A man who bought the Google.com domain name for $12 and owned it for about a minute has been rewarded by Google for uncovering the flaw.
Last month, student and former Google employee Sanmay Ved was able to buy Google.com for the small sum due to an administrative issue at the search giant.
He was surprised to find the domain up for sale and when he went to buy it, the $12 transaction went through and the ownership of the search site was transferred.
But within about a minute the purchase had been canceled and Ved's money was refunded.
"Google could do this given the registration service used by me (aka Google Domains) belonged to Google," Ved wrote in a blog post on LinkedIn.
The ex-Googler flagged the flaw to the search giant's security team and they rewarded him with an as-yet undisclosed sum of money. When they found out Ved was going to give the bounty to charity, Google doubled the amount.
"I wrote back and told them it was never about money, and asked that the money be donated to charity to the Art of Living India Foundation," Ved wrote.
"They have replied and have stated that they understand and respect the fact that this was not about getting a reward. Despite that, given what they found, and how this was handled, they are 'excited' to offer me a reward."
Google did not immediately respond to a request for comment.
Giving money to people who flag up potential security or administrative flaws is a common practice at Google and other tech companies. It's known as a "bug bounty".
Ved's story is the latest in a long line of domain name-related news around Google. Last week, just a few days after Google officially became a subsidiary of Alphabet, it acquired the domain name abcdefghijklmnopqrstuvwxyz.com.