Facebook admits MILLIONS of Instagram passwords were stored in plain text, giving its employees unfiltered access to users’ accounts
- Facebook said millions of Instagram passwords were stored in plain text
- This gave Facebook’s 20,000-plus employees access to users’ credentials
- The disclosure came in an update to an earlier security oversight from March
Facebook said Thursday that millions of Instagram passwords have been left exposed.
In a blog post, the social media giant said that it discovered passwords were stored in plain text.
That means the information was readable and searchable by more than 20,000 Facebook employees.
Facebook said Thursday that millions of Instagram passwords have been exposed. In a blog post, the social media giant said that it discovered passwords were stored in plain text
The company disclosed the major security oversight in an update to a March 21 post where it revealed it also left the passwords of 200 million to 600 million users stored in plain text.
‘Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format,’ Pedro Canahuati, Facebook’s vice president of engineering, security and privacy, wrote in a blog post.
‘We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others.
‘Our investigation has determined that these stored passwords were not internally abused or improperly accessed,’ he added.
Mail Online has reached out to Facebook for comment.
The admission marks the latest in a litany of privacy blunders that have hit Facebook in the past year.
On Wednesday, Facebook acknowledged that it may have unintentionally uploaded email contacts of 1.5 million new users on the social media site since May 2016.
The contacts were not shared with anyone and the company is deleting them.
Last March, the firm disclosed that some 87 million users’ information had been harvested and shared with Trump-affiliated campaign research firm Cambridge Analytica.
Additionally, Facebook announced in September that it had been hit by its biggest breach on record, when 50 million users’ private data was exposed as a result of a vulnerability in its ‘View As’ feature.