Business

Millions of Facebook passwords exposed to employees

Glitch fixed on Thursday, social media company says

FILE PHOTO: People are silhouetted as they pose with mobile devices in front of a screen projected with a Facebook logo, in this picture illustration. (Dado Ruvic/REUTERS)
FILE PHOTO: People are silhouetted as they pose with mobile devices in front of a screen projected with a Facebook logo, in this picture illustration. (Dado Ruvic/REUTERS)

Facebook said on Thursday it has resolved a glitch that exposed passwords of millions of users stored in readable format within its internal systems to its employees.

The passwords were accessible to as many as 20,000 Facebook employees and dated back as early as 2012, cyber security blog KrebsOnSecurity, which first reported the issue, said in its report.

“These passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them,” the company said.

KrebsOnSecurity, citing a senior Facebook employee, said the an internal investigation by the company so far indicates that between 200 million and 600 million Facebook users may have had their account passwords stored in plain text.

Facebook said the issue was discovered in January as part of a routine security review.

The majority of the affected were users of Facebook Lite, a version of the social media app largely used by people in regions with lower connectivity.

The social network also is probing the causes of a series of security failures, in which employees built applications that logged unencrypted password data for Facebook users, the report said.

“We estimate that we will notify hundreds of millions of Facebook Lite users, tens of millions of other Facebook users and tens of thousands of Instagram users,” the company said.

Give us feedback

We value your trust and work hard to provide fair, accurate coverage. If you have found an error or omission in our reporting, tell us here.

Or if you have a story idea we should look into? Tell us here.

Give us feedback

We value your trust and work hard to provide fair, accurate coverage. If you have found an error or omission in our reporting, tell us here.

Or if you have a story idea we should look into? Tell us here.