In fact, one new issue was revealed by the company just now. Facebook admits that hundreds of millions of passwords were stored in their servers in plain text, that is without encryption of any kind.
While it's unlikely that any outsiders could have accessed the data, there is a possibility that Facebook employees managed to get their hands on Facebook users' passwords and abuse them.
Facebook claims that there is no sign of any Facebook employee abusing the plain text passwords, although that would probably be fairly hard to diagnose anyway.
Some of these passwords have been stored in this internal server since 2012. According to a source within Facebook, who spoke to Krebs on Security, from 200 million up to 600 million passwords were in danger of leaking.
The same source says that more than 20,000 Facebook employees had the capability to leak the data, and a total of 2,000 employees made around nine million inquiries to the database.
Facebook is in touch with the people via email who've been affected by this potential leak, this includes mainly Facebook Lite users but also users of regular Facebook as well as some Instagram users.
Written by: Matti Vähäkainu @ 22 Mar 2019 10:22