Facebook in March 2019 announced that the platform mistakenly stored passwords of millions of users without any encryption. At a particular moment, Facebook conveyed that besides passwords of Facebook users were stored unencrypted, some Instagram accounts were also stored in the same unencrypted format.
A recent update to the post that Facebook published in March says that again passwords of millions of Instagram users were stored in unencrypted format on the server.
“Update on April 18, 2019, at 7 AM PT: Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format. We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed”.
There have been reports that the plain texts which were passwords of millions of users throughout the world were exposed to thousands of employees of Facebook. But following the incident, Facebook has confirmed that there is no information about any of the employees using the passwords abusively or improperly.
A recent report confirms that Facebook is notifying millions of users whose Instagram passwords were stored on the server in plain texts. Facebook is also suggesting the concerned users change their password if they feel unsecured due to the incident that took place. Facebook also asked the users to enable two-factor authentication over the platform.
Sources say that the latest security leak that Facebook faced came following the news came in the market that Facebook harvested the email contacts of 1.5 million Facebook users without any notification being provided to the users. There were reports that Facebook used that data to build a web of social connections.