Facebook Stored Millions of Passwords in Plaintext

If you are reading this article then you have been impacted and need to change your password right now. Facebook has not had the best of times as of late, with a number of privacy, security and other issues on the platform. And that’s not even counting Mark Zukerberg slowly turning into a real-world Lex Luthor.

But today a new report from Krebs on Security found that a bug in the password system on Facebook caused hundreds of million of user passwords to be stored in plaintext. All your login info was just sitting their in plain sight and meant that thousands of Facebook employees could have searched for them and potentially accessed any account they wished.

Krebs found that the passwords left open stretched all the way back to 2012. This bug impacted Facebook and Facebook Lite, but also their popular social image sharing platform Instagram. There are no indications that any hacker or hacking groups ever got a hold of these passwords, but it would be like winning the jackpot if one did.

Most platforms store user passwords in some fashion, but they scramble them so that even if their servers were compromised and a hacker stole all the passwords, they would not be able to read them.

READ:  Aragami: Shadow Edition comes to Nintendo Switch

Pedro Canahuati, Facebook’s vice president of engineering, security, and privacy wrote that:

“As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems.”

“Our login systems are designed to mask passwords using techniques that make them unreadable. To be clear, these passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them.”

The company stated that is has corrected the password bug and will be notifying users on all its platforms that may have been affected by it. Facebook will not be forcing any user to reset their passwords, but it’s goof protocol to update yours as son as you finish reading this.

About Author

J. Luis

J. Luis is the current Editor-In-Chief here at GAMbIT. With a background in investigative journalism his work encompasses the pop-culture spectrum here, but he also works in the political spectrum for other organizations.

Learn More →