Facebook wants you to know it’s taking security seriously — enough for Zuckerberg and Co. to pay out over $1 million in reward within two years for its Bug Bounty program. According to a recent blog post, it’s awarded a total of 329 digital bounty hunters at least $500 for discovering and reporting security issues to the social network. The participants came from all walks of life across the globe (the youngest being a 13-year-old), and the most resourceful ones have already made more than a hundred grand each. Facebook isn’t alone in exchanging big money for bug reports — Microsoft, for one, is offering up to $100,000 to anyone who discovers security exploits on the preview version of Windows 8.1. Despite Facebook’s success, however, over 6 million accounts were still exposed in June… proving that when it comes to security, tech companies can never sit on their hands.