Facebook stored millions of Instagram passwords in plain text on its servers

fb

Roughly a month ago, news broke out that Facebook had stored millions of passwords on its own servers, in plaintext. The company employees have had access to the servers, and thus the passwords, for most of the time, and although Facebook said they haven’t abused the unnecessary privilege, we did know that some 2,000 engineers and devs made some nine million internal queries for data elements that contained passwords in plain text.

However, Facebook has since updated the post (as opposed to issuing a new one), in which it gave new information about the case. As it turns out, the original story of “hundreds of millions of Facebook Lite users” and “only tens of thousands of Instagram users” has now changed to “millions of Instagram users”.

“Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format,” the update reads.

“We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed.”

Initially, the company said between 200 and 600 million passwords were exposed.

The news came the same day when Facebook was found to have been uploading email contacts of almost two million users without explicit consent.

Image Credit: Katherine Welles / Shutterstock

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s