Hundreds of millions of Facebook users’ passwords were visible to its employees for years.
The company revealed today that the passwords were available to access in plain text format on their internal storage system.
Instagram users’ and Facebook Lite users’ passwords were also included in the storage system.
Facebook said that they made the discovery in January and that there is no evidence that any of the passwords were abused or misused.
In a statement released today, the company said that they had fixed the issue and were now looking at alternative ways of storing information.
They said:
“As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems.
“We have fixed these issues and as a precaution we will be notifying everyone whose passwords we have found were stored in this way.
To be clear, these passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them. We estimate that we will notify hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users.”
They also said that there is “nothing more important to us than protecting people’s information, and we will continue making improvements as part of our ongoing security efforts at Facebook.”
Facebook have notified any user whose password was included in the readable format.
You can find the company’s full statement here.
