HipHopWired Featured Video
Facebook Stored Millions of User's Passwords Without Encryption

Source: NurPhoto / Getty

Facebook just can’t seem to get out of its own way lately. According to a report from Krebs on Security, the social media network was storing millions of users passwords in plain text leaving them exposed to anyone with access to the internal files.

You better change your passwords on Facebook and any other platforms the social media giant owns.

The passwords usually when stored are encrypted, but due to what the company described as an “issue” were not properly secured,  the problem was discovered by Facebook during a “routine security review in January.” The company confirmed the issue in a post on its FB page stating passwords were never visible to anyone outside of the company.

Per Facebook:

“As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems. This caught our attention because our login systems are designed to mask passwords using techniques that make them unreadable. We have fixed these issues, and as a precaution, we will be notifying everyone whose passwords we have found were stored in this way.

To be clear, these passwords were never visible to anyone outside of Facebook, and we have found no evidence to date that anyone internally abused or improperly accessed them. We estimate that we will notify hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users. Facebook Lite is a version of Facebook predominantly used by people in regions with lower connectivity.

In the course of our review, we have been looking at the ways we store certain other categories of information — like access tokens — and have fixed problems as we’ve discovered them. There is nothing more important to us than protecting people’s information, and we will continue making improvements as part of our ongoing security efforts at Facebook.”

Take what the company is saying with a grain of salt and just go ahead and update those passwords just to be on the safe side.

Photo: NurPhoto / Getty