Comment by maxed

It does not make sense to value these kind of (web) bugs by their potential price on the grey market. I think its better to value these bugs by their potential impact, although that is hard to express in money.

In this case there were 4 billion email addresses on the line from being scraped, imagine if this was exploited and the data was leaked. The news would hit the headliners which would definitely be bad for Google's reputation and stock price.

However, the impact of the leak is not that high as it only consists of a channel <> email address mapping, and therefore I think 10k is a fair price