With Mega making such a big fuss about security and privacy, it was a given that every expert out there would be looking to see just how safe the site really was. All the scrutiny has revealed some issues and Mega has responded to some of them.
While no actual vulnerabilities or flaws have been found yet, several smaller issues have turned up. Mega's response is that it has never promised more than it provides and that all of this is revealed in the FAQs and other info on the site.
Still, that's not stopping researchers and enthusiasts from poking Mega's infrastructure further. But Dotcom welcomes the attention, in fact, he is promising some kind of cash prize for anyone that can break the site, or something similar.
Details are scarce, but Google, Mozilla and many others already pay cash for anyone who finds vulnerabilities in their software and sites. Mega could very well do the same.
Already, the scrutiny has led to some improvements, all the attention can only be beneficial in the long run, as long as Mega plugs the holes and improves its systems as needed.