One of Mega's big selling points, as least in its mind, is privacy. Files are encrypted client-side, so only someone with the encryption key can see what's inside them.
The encryption means nothing if you lose your password, but that's the compromise Mega had to make to get it all working.
It's precisely because of its focus on "privacy" that plenty of security experts turned their attention to it and started trying to figure out just how secure Mega is.
It didn't take long for them to come up with bugs and vulnerabilities, but nothing major. Mega said it was glad for all the attention and Dotcom even promised to pay anyone who would break Mega's security
Now, he's doubling down on that promise by offering
€10,000 ($13,600) to anyone who can break the encryption. However, actually breaking the encryption isn't very easy and may in some cases even be impossible with today's hardware.
It remains to be seen whether the award applies to any other component of the site and any vulnerability that may lead to someone getting access to a user's files.