Recently it seems like whenever Facebook is in the news, it’s not for a good reason. Data leaks, security breaches, shady user data deals, you name it – the company’s been involved in it, and stuff just keeps on surfacing.
Case in point: today’s absolutely unbelievable news that the social network had been storing passwords in plain text. User login passwords. Hundreds of millions of them. In some instances going back to 2012. Easily accessible by more than 20,000 Facebook employees.
An inside source estimates that 200 to 600 million passwords were stored in this way – in which no company should ever store anything, let alone sensitive data like user passwords. Facebook itself hasn’t shared actual numbers, preferring to note that “hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users” were affected and will be notified about the situation.
The company is adamant that despite the fact that its employees had access to these passwords, it found no evidence to date that anyone internally abused or improperly accessed them. Should you believe that, coming from an establishment that stored passwords in plain text in the first place? That’s a good question.
Keep in mind that at least no one outside Facebook and its employees had access to these passwords, so there’s that. The company discovered the issue in January during a routine security review. At this point all aspects of it have been fixed.
“There is nothing more important to us than protecting people’s information”, Facebook says, but that’s getting harder and harder to believe.
Source 1 | Source 2 | Via