Facebook has paid out more than £24,500 ($40,000) to hackers for finding flaws in its website just three weeks after launching a bug bounty programme.
Facebook called the programme a success on Monday, saying it has mobilised security researchers around the world to help make Facebook more secure. "We know and have relationships with a large number of security experts, but this programme has kicked off dialogue with a whole new and ever expanding set of people across the globe in over 16 countries, from Turkey to Poland who are passionate about Internet security," the company said.
In recent years, technology companies have started paying hackers to encourage them to quietly report any bugs they find rather than simply dumping them out in public where they could be misused by criminals. Google and Mozilla, for example, operate similar bug bounty programmes.
Facebook pays $500 (£300) per bug but will shell out more money for exceptional issues.
One hacker was paid $5,000 for "one really good report," Facebook said. The company said that it has also paid out $7,000 to a researcher who flagged six different issues.
"On the other end of the spectrum, we've had to deal with bogus reports from people who were just looking for publicity," Facebook said.
Although Facebook spoke in glowing terms about its bug bounty programme, it will not extend it to cover the hundreds of thousands of Facebook applications written by third parties. "Unfortunately, that's just not practical," the company said.