'White Hat' Hackers Share $1.3m Facebook Bounty

Hundreds of 'white hat' hackers shared a bounty of $1.3m (£840,000) in 2014 for spotting and reporting Facebook (NasdaqGS: FB - news) 's security flaws.

The bug bounty programme was started in 2011 to encourage hackers to report security problems for cash.

Hackers who report security flaws rather than exploit them are known as white hat hackers, instead of black hat hackers.

More than 17,000 bugs and security issues were reported in 2014, up 16% year-on-year.

The average payout per hacker was $4,049 (£2,607) but many hackers were paid far higher or lower sums based on how serious the issues spotted were.

The highest bounty in 2014 was $30,000 (£19,300) paid to a Lithuanian researcher.

The minimum bounty payment is $500 (£321).

Hackers in India found the most bugs, followed by Egypt then the US. The UK and the Philippines were next on the list.

Some of the security problems could have allowed hackers to upload content to Facebook and Instagram's servers, view a user's private messages and post on their timelines.

Facebook's security engineer Collin Greene said: "Every year we are surprised by what we learn from the security community, and 2014 was no exception."

The money paid by technology firms for the information is a fraction of how much hackers could get on the black market.