Facebook passwords plain text, internal access to the files

0
199

Facebook passwords plain text, internal access to the files.

Facebook stored passwords for hundreds of millions of users in plain text, exposing them for years to anyone who had internal access to the files, according to Krebs on Security. User passwords are typically protected with encryption (a process known as hashing), but a string of errors led certain Facebook-branded apps to leave passwords accessible to as many as 20,000 company employees.

Between 200 million and 600 million Facebook users are believed to have been affected, according to Krebs, which first reported the security flaw. Facebook confirmed the issue in a blog post, titled “Keeping Passwords Secure,” and it said the company identified the problem in January as part of a security review. Facebook says it has fixed the issue and will notify everyone affected.

READ  'Start Here': Synagogue shooting, online hate, suspected mail bomber in court. What you need to know to start your day. (Reports)

According to Facebook, there’s no evidence that plain text passwords were exposed outside of the company or that they were abused internally. As a result, users won’t be required to reset their passwords. The issue impacted “hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users,” the company says.

READ  Activists Make Last Ditch Effort to 'Stop Kavanaugh' (Report)

Although there’s no evidence of abuse, at least 2,000 Facebook employees searched through the files containing passwords, though it’s not clear what for. The password logging reportedly started as early as 2012.

READ  FDA points Benadryl warning because it investigates reviews of stripling accidents and deaths linked to TikTok problem –

This is the latest in a string of bad security issues for Facebook. In October, a hacker was able to access personal information from 29 million accounts after stealing login tokens. Before that, hacked private messages from 81,000 users were found to have been put up for sale. And none of that is including the wide-scale improper data sharing issues that kicked off with Cambridge Analytica and started putting real pressure on the company to change its practices.

LEAVE A REPLY

Please enter your comment!
Please enter your name here