Facebook stored passwords in plain text for hundreds of millions of users

Hundreds of millions of Facebook users’ passwords were stored in plain text, completely searchable by Facebook employees for years.

Some users had their passwords stored in plain text as early as 2012, according to a senior Facebook source who spoke to KrebsOnSecurity. The source, speaking on condition of anonymity, says that somewhere between 200 million and 600 million Facebook users were affected. More than 20,000 Facebook employees would have had access to these plain text passwords.

Shortly after KrebsOnSecurity published its story, Facebook posted its own statement by its vice president of engineering, security and privacy, Pedro Canahuati. He states that the company first discovered the issue during “a routine security review in January.”  Read more…

More about Facebook, Instagram, Cybersecurity, Passwords, and Password Security

Facebook admits it stored ‘hundreds of millions’ of account passwords in plaintext

Law enforcement needs to protect citizens and their data

Why a top antitrust lawmaker thinks it’s time to break up Facebook

Snap is under NDA with UK Home Office discussing how to centralize age checks online