Facebook has released an update about the Bug Bounty program that they started a little over two years ago; Bug Bounty was set up specifically to reward security researchers that notify Facebook about issues in order to keep users safe, to date they have awarded over $1 Million in bounties.



According to a recent blog post, Facebook indicates that 329 people have received a bounty so far. Some are professional researchers; others are students or part-timers.

The youngest bounty recipient to date is 13 years old and to date the largest single bounty payout was $20,000.00 and note that there is not a cap on the bounty size in this program.

These researchers are spread across 51 different countries. Only 20% of bounties paid out so far have been to US-based recipients.

Facebook feels that this early progress is a great sign and credits it in no small part to programs like this one. They acknowledge the fact that they will never have have "all the world's smartest people" on their team and "we'll never be able to think of all the different ways a system as complex as ours might be vulnerable".

Facebook isn't alone in this type of reward program; Microsoft also offers cash for finding exploits on their 8.1 Preview.

Regardless of the overall success Facebook still had over 6 million accounts exposed in June.