A Facebook hacker looking for a way to break in into the social media‘s internal servers discovered evidence that another hacker was there before him.

BBC reported that a Taiwanese researcher discovered files that remained from a previous hacking incident in an abandoned Facebook server. The first hacker used these files as his tools in knowing the login names of Facebook’s admin staff.

According to Facebook, the files were left by another researcher looking for loopholes in the network.

Orange Tsai, a security researcher, described the details on how he was able to hack the Facebook server. He also realized that another person was there before him.

Whitehat hackers usually perform this kind of testing to check for bugs and to test website security. Tsai discovered a piece of malware that was designed to steal login credentials of Facebook employees. He also found that the first time the company’s network was compromised was in July 2015. It was then followed by another attempt in February of this year.

Tsai is currently connected to security firm Devcore. The social media giant could then strengthen the unsecured server. They also emptied the login scooping scripts.

Tsai was given $10,000 cash reward or bug bounty from Facebook. The company has spent a good amount of money for its bug bounty program. The reward is given to people who will find vulnerabilities in their systems.

Facebook shared through YCombinator that it was glad that Tsai was able to report his findings.

Facebook said that the traces Tsai discovered were left behind by another Facebook hacker who also participated in their bounty program.

The company considered the discovery of the unsecure server as a “double win” . This is because it involved two security researchers evaluating their network. In the end, Facebook was still able to gain from this ethical hacking. The company said that neither of the two Facebook hackers was able to get further into the internal networks.