Facebook Stored Millions of User Passwords in Unprotected Format, Was Available in Plain Text to Employees
Millions of passwords of Facebook users were reportedly stored in plain text format on internal servers and which were accessible by up to 20,000 employees of the social network platform.
Toronto, March 22: In another story of Facebook’s lax attitude towards protecting the data of its users, millions of passwords were reportedly stored in plain text format on internal servers and which were accessible by up to 2000 employees of the social network platform.
These passwords date back to 2012 and the ‘glitch’ which stored the passwords in plain text format was discovered only this January. Up to 600 million users of Facebook could have had their passwords compromised. Facebook’s review showed that most of the people affected were users of Facebook Lite, which tend to hail from nations where net connections are sparse and slow. “We estimate that we will notify hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users," the company told Reuters. Affected users will be directly notified. Read: Mark Zuckerberg's Emails From Leaked Documents Reveal How Facebook Cut Off Its Rival Vine
This security flaw story was broken by security reporter Brian Krebs, who cited a “senior Facebook inside source”, to say that “access logs showed some 2,000 engineers or developers made approximately nine million internal queries for data elements that contained plain-text user passwords”.
But the company refuted reports that user security was compromised. In a statement, Facebook’s vice-president for engineering, security and privacy, Pedro Canahuati, said, “We have found no evidence to date that anyone internally abused or improperly accessed” the passwords, which “were never visible to anyone outside of Facebook”.
He also said that Facebook has now fixed this particular issue, as well as some problems the company discovered in other security features, such as the code by which users log in through other apps.
This story now becomes just one in a long line of developments that have shown up Facebook’s almost callous attitude towards the privacy and security of its users. The Mark Zuckerberg-led platform has been embroiled in the Cambridge Analytica data-privacy scandal, emails which showed Zuckerberg and team auctioning access to its users to the highest bidder and this is the latest one.
(The above story first appeared on LatestLY on Mar 22, 2019 02:13 AM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).