+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Facebook updated a blog post and said the number of unencrypted Instagram user passwords was in the 'millions' not its previous estimate of 'tens of thousands'

Apr 19, 2019, 00:29 IST

Photo by Chip Somodevilla/Getty Images

Advertisement
  • Facebook has stored millions of Instagram users' passwords in an unencrypted format easily readable by its employees for years.
  • The news came on Thursday by way of an update to an existing company blog post, which in March, announced that unencrypted passwords for hundreds of millions of Facebook and Facebook Lite users had been accessible on its internal servers.
  • At the time, the company also said the same issue affected "tens of thousands" of Instagram users.
  • On Thursday, that number was updated to "millions."
  • Visit BusinessInsider.com for more stories.

Facebook has stored millions of Instagram users' passwords in an unencrypted format easily readable by its employees for years, the latest in a series of high-profile security missteps committed by the Silicon Valley giant.

The news came on Thursday by way of an update to an existing company blog post, which in March, announced that unencrypted passwords for hundreds of millions of Facebook and Facebook Lite users had been accessible on its internal servers. At the time, the company also said the same issue affected "tens of thousands" of Instagram users.

On Thursday, that number was updated to "millions."

Facebook said that since its previous post - on March 21 - it had discovered "additional logs of Instagram passwords being stored in a readable format," but that its "investigation has determined that these stored passwords were not internally abused or improperly accessed."

Advertisement

The company said it would notify affected users.

Back in March, Facebook said it discovered the vulnerability during a "routine security review" at the beginning of the year. The cybersecurity journalist Brian Krebs said the issue existed as far back as 2012.

The incident adds to a long line of serious scandals and crises to wrack Facebook over the past two years - many of which have been security- or privacy-related. Just yesterday, Business Insider discovered that the tech giant had been harvesting the email contacts of 1.5 million new users without their knowledge or consent.

Read more: Facebook says it 'unintentionally uploaded' 1.5 million people's email contacts without their consent

NOW WATCH: Facial recognition is almost perfectly accurate - here's why that could be a problem

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article