Passwords of more than 600 million Facebook users were stored as plain text

Facebook had discovered a nasty security flaw on its platform. The security flaw put millions of users’ privacy at stake.

Facebook said that it’d found out that some users passwords had been stored as plain text and according to various sources it’s also learned that more than 20,000 Facebook employees had access to these passwords.

Pedro Canahuati, Facebook’s vice-president of engineering, security, and privacy, however, clarified that these passwords were never improperly accessed. “we have found no evidence to date that anyone internally abused or improperly accessed the passwords,” he wrote.

Facebook also clarified that these passwords were never visible to anyone outside Facebook.

Although not official, an internal source inside Facebook told Krebs on Security that more than 600 million passwords were stored as plain text. The source also told that the security flaw has existed since 2012.

The security flaw is no longer in effect as confirmed by the social media giant. Facebook also promised that it’d start notifying users whose passwords were found to be in readable format. However, the company refused to talk as to when exactly the process will start.

“This caught our attention because our login systems are designed to mask passwords using techniques that make them unreadable.

“We have fixed these issues and as a precaution will be notifying everyone whose passwords we found stored this way,” wrote Pedro Canahuati, VP Engineering, Security and Privacy at Facebook.

Via: BI