Connect with us

In Brief: Facebook Employees Had Access to Passwords of Up to 600M Facebook Users

Founder360 / Facebook

News / Trends

In Brief: Facebook Employees Had Access to Passwords of Up to 600M Facebook Users

An ongoing investigation has revealed that hundreds of millions of Facebook users had their account passwords stored in plain text and accessible to by thousands of Facebook employees according to a report from the security publication Krebs on Security.

A senior Facebook employee who is familiar with the investigation and spoke on condition of anonymity to Krebs on Security confirmed that indeed the company is probing a series of security failures in which Facebook employees built applications that logged unencrypted password data for up to 600 million Facebook users and stored it in plain text on internal company servers.

Read: Meet the 7 African Startups Present at Y Combinator Winter 2019 Class

The source said Facebook is still trying to determine how many passwords were exposed and for how long, but so far the inquiry has uncovered archives with plain text user passwords in them dating back to 2012.

Facebook VP Engineering, Security and Privacy, Pedro Canahuati confirmed the developments in a blog post while confirming that the issue has been fixed:

“As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems. This caught our attention because our login systems are designed to mask passwords using techniques that make them unreadable. We have fixed these issues and as a precaution, we will be notifying everyone whose passwords we have found were stored in this way.”

Earlier in March, the company was under scrutiny from security and privacy experts for using phone numbers marketing, advertising and making users searchable by their phone numbers instead for security reasons like two-factor authentication.

Image Credits: Naked Security

Continue Reading

More in News / Trends

To Top