Security researcher Brian Krebs announced that around 600 million Facebook user passwords were visible to 20,000 of its employees as they were stored in plain text. He however assured that these were old and date back to 2012. Following the revelation Facebook declared that the glitch has been resolved in which passwords were stored in its internal network. Mr. Krebs told that a source from Facebook had told him about this security failure which let its developers create applications to log and store passwords without encrypting them. While speaking about Krebs’s revelation Facebook engineer Scott Renfro stated that internal investigation of these passwords showed that none of the passwords had been misused.
Publicly Facebook stated that the issue of password expose was discovered by Facebook’s investigation team in January as a part of its routine security review. The investigation showed that accounts of people who were using Facebook Lite were affected which is usually used in nations which have slow and sparse net connections. The company declared to Reuters that they will send out notifications to all the millions of Facebook Lite users and also to thousands of Instagram users.
It may request them to re-set password only if the Facebook taskforce team exploring the expose uncovers that the login credentials have been misused. This report is the latest addition to several reports of exposure of passwords and other private information of users in the past few years. In September 2018 the firm declared to the world that around 50 million users’ data has been exposed due to a flaw in its data security division. In early part of past year it had made a thunderous claim that data of millions of its users have been harvested illegally by data analysis firm Cambridge Analytica. The firm has assured that this time the data was not visible to anyone outside the company so there is little chance of them being abused.