GitHub paid out $165,000 to researchers from our public bug bounty program in 2018. GitHub launched its Security Bug Bounty program in 2014, allowing us to reward independent security researchers for their help in keeping GitHub users secure. In 2018, our researcher grants, private bug bounty programs, and a live-hacking event allowed us to reach even more independent security talent. These different ways of working with the community helped GitHub reach a huge milestone in 2018: $250,000 paid out to researchers in a single year.”]
Source: https://github.blog/2019-02-19-five-years-of-the-github-bug-bounty-program/