In another turn of events, Facebook admits that its employees had access to millions of Instagram passwords that were stored in plain text.
These passwords were left exposed on one of their servers. It was uncovered that the passwords were accessible by at least 20,000 employees.
The security breach was first announced by the social media giant on 21st March when it shared a post telling users that it had left approximately 600 million Facebook, Facebook Lite and Instagram users combined stored in plain text.
‘Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format,’ Pedro Canahuati, Facebook’s vice president of engineering, security, and privacy, wrote in a blog post.
We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others.
Our investigation has determined that these stored passwords were not internally abused or improperly accessed. – Pedro Canahuati added
The discovery of the passwords being hidden in plaintext was made by security researcher Brian Krebs.
The data goes back far as 2012. Facebook first became aware of this security situation in January 2019.
A series of blunders have already caused a major blow for Facebook as users are now very cautious of their privacy and data being online.
On Wednesday, Facebook acknowledged that it may have unintentionally uploaded email contacts of 1.5 million new users on the social media site since May 2016.
However, reported the contacts were not shared with anyone and the company is deleting them.
Last March, it had the famous Cambridge Analytica situation at large in which it was found that the social-media giant disclosed some 87 million users’ information which was then harvested and shared with Trump-affiliated campaign research firm.
Additionally, in September, Facebook announced that it had been hit with one of the biggest breaches on record as 50 million user’s data was exposed because of a vulnerability in its ‘View As’ feature.
In 2018, the platform came in the news off and on for more privacy violations and other issues both political and non-political.
Security Precautions – What to do Next
According to Facebook, those users whose accounts have been exposed will be notified. These users include:
- Facebook: Tens of millions of users
- Facebook Lite: Hundreds of millions of users
- Instagram: Millions of users
As of now, users can change their passwords by resetting them and making them even more stronger.
For peace of mind, they can also opt to go for the two-factor authentication feature through a third party authentication app.
Stay safe and stay tuned to Brandsynario for more news and updates.