Facebook employees had unfettered access to hundreds of millions of users’ unencrypted passwords for years
Facebook stored hundreds of millions of users’ passwords in a format easily readable by its employees for years, in the latest security scandal to hit the beleaguered Silicon Valley tech giant.
The cybersecurity journalist Brian Krebs first reported the news on Thursday, and Facebook subsequently confirmed it in a blog post titled “Keeping Passwords Secure.”
Digital security best practices call for passwords to be stored in an encrypted format — making them unreadable even by the companies that hold them. But in Facebook’s case, they were stored in plain text, meaning that anyone with access to the file could read users’ passwords with no additional steps required. According to Krebs, more than 20,000 employees had access to those passwords.
It’s not clear exactly how many people were affected, but Facebook says it plans to notify “hundreds of millions” of affected users of Facebook Lite (the company’s lightweight app for emerging markets), “tens of millions” of regular Facebook users, and “tens of thousands” of Instagram users. Krebs reports that the total number is between 200 million and 600 million.
Facebook says it has “found no evidence anyone internally abused or improperly accessed” the password data, and that the issue was discovered during a “routine security review” in January.
The incident is the newest in a long line of serious scandals and crises to wrack Facebook over the past two years — many of which have been security- or privacy-related. That includes the Cambridge Analytica scandal as well as a hack of tens of millions of users’ personal data.