Facebook paid security researchers $1.3 million in 2014 to find and and report security flaws.
According to a post by the company entitled “Bounties get better than ever,” Facebook has paid researchers in the “bug bounty program” more than $3 million since 2011 and now has 123 countries reporting security issues. India reported the largest number of valid bugs in 2014: 196.
“We’re excited to see what 2015 holds for the bug bounty program,” the Facebook post says. “Report volume is at its highest levels, and researchers are finding better bugs than ever before. We’ve already received more than 100 valid reports since the start of the new year.”