Categories: Digital LifeNews

Facebook in hot water again. Hundreds of millions of passwords stored in plain text

Recently, Facebook has announced they’ve discovered a major security issue during their routine security review – approximately 200 million to 600 million Facebook users may have their account passwords stored in plain text format in their database, which is entirely accessible by 20,000 Facebook employees.

According to a report from KerbsOnSecurity, a source from Facebook have told them that hundreds of millions of Facebook user passwords were stored in a readable state for years, where some cases date back to 2012. To make matters worse, 20,000 employees from Facebook have access to these passwords.

Let’s not panic just yet, at least that’s what Facebook has to say. According to the social media company, ongoing investigations have indicated that these passwords were not abused by those who have access. A senior Facebook employee said that the security failures were due to employees building applications that logged unencrypted password data for Facebook users in plain text.

Sources on KerbsOnSecurity has also reported that some 2,000 engineers or developers made approximately nine million internal queries for data elements that contained plain text user passwords. They said that Facebook has issued a written statement to them, indicating that the company will inform “hundreds of millions of Facebook Lite users, tens of millions of Facebook users and tens of thousands of Instagram users” who are affected. Facebook Lite is a stripped-down version of Facebook that is designed for entry-level smartphones.

Prior to this, both GitHub and Twitter had encountered similar issues in recent months. But comparatively, the plain text passwords were only available to a much smaller group of people and for far shorter periods of time.

For Facebook to store passwords without encryption is reckless and it isn’t clear if a password change at the moment would make a difference if it continues to keep a copy of it in plain text. It is probably a good idea to change your password on other platforms if it shares the same password as your Facebook account.

On top of that, it is recommended that you use a unique password for different logins and this is where a password manager would come in handy. To secure your Facebook account further, it is also recommended that you enable two-factor authentication.

[ SOURCE ]

Recent Posts

Proton S70 revealed as the official Madani Taxi: A modern makeover for Malaysia’s taxi

Prime Minister Anwar Ibrahim has revealed the Proton S70 1.5T i-GT Premium which was launched…

2 hours ago

Not just for EVs: Malaysian taxis are getting the new JPJePlate

Two years ago, the Road Transport Department (JPJ) introduced the JPJePlate which sets the new…

8 hours ago

Why some ATMs are still charging RM1 for cash withdrawals despite the fee waiver

Effective 1st July 2026, Malaysians can make unlimited ATM cash withdrawals for free at over…

8 hours ago

JomCharge x DBKL turn on new 100kW DC Charger at Kuchai lama

JomCharge x DBKL continue to turn on more street-level EV charging locations in Kuchai Lama…

12 hours ago

Porsche Taycan and Macan EV prices surge in Malaysia: Up to RM410k higher

Porsche has recently updated the price of its EV lineup in Malaysia, and the changes…

1 day ago

TNG eWallet now lets you search SSM company records and download official documents

If you need to verify a Malaysian business or obtain more background information, you can…

1 day ago

This website uses cookies.