For HomeFor BusinessFor Partners
Archive
2 min read

Millions of Facebook Passwords Kept in Plain Text for Employees to Access

Luana PASCU

March 22, 2019

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Millions of Facebook Passwords Kept in Plain Text for Employees to Access

Perhaps we should all change our Facebook passwords to play it safe, following news that Facebook kept, from as early as 2012, “hundreds of millions” of user account passwords in plain text, making them available to some 20,000 employees, writes KrebsOnSecurity following a tip from a source at Facebook.

According to Brian Krebs, Facebook is looking into a number of application “security failures” that led to the logging and storage of unencrypted password data on the internal network. This glitch may have affected between 200 million and 600 million accounts, but the company is still investigating before it reveals the exact number of exposed passwords, as well as details on the timeframe or employees who may have accessed the data.

“The longer we go into this analysis the more comfortable the legal people [at Facebook] are going with the lower bounds” of affected users, the source told KrebsOnSecurity. “Right now they”re working on an effort to reduce that number even more by only counting things we have currently in our data warehouse.”

The social network says no evidence suggests the data was manipulated or compromised in any way by its employees and doesn”t urge users to reset their passwords.

“We”ve not found any cases so far in our investigations where someone was looking intentionally for passwords, nor have we found signs of misuse of this data,” said Facebook software engineer Scott Renfro. “In this situation what we”ve found is these passwords were inadvertently logged but that there was no actual risk that”s come from this. We want to make sure we”re reserving those steps and only force a password change in cases where there”s definitely been signs of abuse.”

Facebook claims the incident was detected in January and the people most affected so far appear to be Facebook Lite users.

“We estimate that we will notify hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users,” the company said.

tags

Archive

Author

Luana PASCU

Luana PASCU

After having addressed topics such as NFC, startups, and tech innovation, she has now shifted focus to internet security, with a keen interest in smart homes and IoT threats.

View all posts

Right now Top posts

Spam trends of the week: Crypto giveaways, false prophets, Fintech phishing scams and more hit user inboxes worldwide
Scam Spam

Spam trends of the week: Crypto giveaways, false prophets, Fintech phishing scams and more hit user inboxes worldwide

April 19, 2024

5 min read
Start Cyber Resilience and Don’t Be an April Fool This Spring and Beyond
Scam How to Tips and Tricks

Start Cyber Resilience and Don’t Be an April Fool This Spring and Beyond

April 01, 2024

2 min read
Spam trends of the week: Cybercrooks phish for QuickBooks, American Express and banking accounts
Spam Industry News Threats

Spam trends of the week: Cybercrooks phish for QuickBooks, American Express and banking accounts

November 28, 2023

4 min read
Protecting your important: Stick to these 8 cybersecurity tips for safe Black Friday and Cyber Monday deal hunting
Protecting Your Important How to Tips and Tricks

Protecting your important: Stick to these 8 cybersecurity tips for safe Black Friday and Cyber Monday deal hunting

November 08, 2023

4 min read

FOLLOW US ON SOCIAL MEDIA

You might also like

Google Blocked More than 2 Million Apps from Being Published in Google Play
Industry News

Google Blocked More than 2 Million Apps from Being Published in Google Play
Silviu STAHIE

May 02, 2024

1 min read
US Prosecutors Charge 16 For Ruthless Grandparent Scams
Industry News Scam

US Prosecutors Charge 16 For Ruthless Grandparent Scams
Vlad CONSTANTINESCU

May 02, 2024

2 min read
Dropbox Hacked! Threat Actor Accessed Passwords and Phone Numbers
Industry News Digital Privacy

Dropbox Hacked! Threat Actor Accessed Passwords and Phone Numbers
Filip TRUȚĂ

May 02, 2024

2 min read

Bookmarks

loader