Uh oh - dodgy code exposed
But the right thing to do would be pay for all the bugs already submitted that fall under the old rules. Minor amounts of cash, as the bugs are, but pay *something* to maintain goodwill
The impression I get from this is that they got buried under bug reports to the point that they realised that paying out as originally indicated would cost them more than spending that amount on decent coding in the first place, which is the exact thing these bug bounty issuers seem to want to avoid.
If I appear to expect the worst from this company, it is simply because that's what their business behaviour so far has made me assume.