After 20 million of its dating site users’ email addresses were put up for sale online, Topface tracked down the hacker behind the amassed database and paid him “an award for finding a vulnerability,” according to a release on the company’s site.

Topface’s investigation into the leak identified a vulnerability on the site that allowed a hacker to access users’ email addresses, but no passwords or other sensitive information. The hacker agreed to not distribute the stolen emails in exchange for the “award.”

The dating site has notified all users who use their email addresses to login, but did note that 95 percent of accounts are linked up to social networks.

“Despite the fact that we are confident in the absence of any effects of the incident for our user, we are sorry for the inconvenience caused,” the release said.