Security News > 2020 > February > Facebook Paid $2.2 Million in Bug Bounty Rewards in 2019
Over the course of 2019, Facebook paid security researchers a total of $2.2 million in rewards for vulnerability reports submitted to the social media platform's bug bounty program.
For comparison, the social platform paid more than $1.1 million for over 700 valid reports submitted to its bug bounty program in 2018, and more than $880,000 for over 400 valid reports in 2017.
Last year, Facebook also made over $35,000 in matching donations to charities in those instances where the security researchers opted to direct their bug bounty rewards to various causes.
Last year, as part of the data abuse bounty program it launched in 2018, Facebook received a report on SDK providers paying third party app developers to use malicious SDKs in their apps, and removed those apps from its platform.
In 2019, the company also expanded the scope of both its data abuse bounty program - to include Instagram - and its bug bounty program for third-party apps.