Hundreds of millions of Facebook and Instagram users’ passwords were stored on the platform’s internal servers in plain text, Facebook announced in a news release Thursday.
In a routine security review launched in January, officials noticed that their storage systems were not logging people’s account passwords in an unreadable format — the process is called “hashing.”
“To be clear, these passwords were never visible to anyone outside of Facebook,” the release said. “We have found no evidence to date that anyone internally abused or improperly accessed them.”
A Facebook spokesperson said they “won’t be sharing additional details at this time” when asked how long the company’s systems had been logging passwords.
The company said they estimate they will have to notify hundreds of millions of Facebook users, tens of millions of Facebook Lite users and tens of thousands of Instagram users.
Facebook Lite is a version of Facebook predominantly used by people in regions with lower connectivity.
The company acknowledged that many people share, reuse and even have their passwords stolen.
By Bianca Bharti
Copyright Postmedia Network Inc., 2019