Facebook just can’t seem to get a handle on the whole cybersecurity thing.
In a report released late last week by cybersecurity journalist Brian Krebs, it was revealed that Facebook had been keeping an estimated 600 million user passwords stored as unencrypted plain text, completely visable to thousands of Facebook employees.
Facebook admitted it to be true in an official blog post posted shortly after. In the blog post, the tech giant explained that they were initially unaware of the issue but caught it in a routine security review in January. Of the platform’s 2.7 billion users, almost 600 million user passwords, a big chunk of the userbase, were accidentally stored in plain text. Apparently, Facebook has already ‘fixed’ the issue and promised to notify those whose passwords were included.
“To be clear, these passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them,” Facebook clarified in the post. “There is nothing more important to us than protecting people’s information, and we will continue making improvements as part of our ongoing security efforts at Facebook.”
Facebook then continued listing down their efforts at keeping passwords secure, including the use of signals for suspicious activity and two-factor authentication, among others. As a result of the report, Facebook’s stock suffered a 1% decrease last week.