During a routine security review back in January 2019 Facebook caught a serious issue. As it turns out, some user passwords were stored in a readable format, making it possible for Facebook employees (but not anyone outside of the company) to find and view. While the initial announcement noted that hundreds of millions of Facebook Lite users, tens of millions of other Facebook users and tens of thousands of Instagram users were affected, a more recent discovery noted a much larger problem.

So how many Facebook and Instagram users are actually affected by this security issue? According to an update published Apr. 18, Facebook found additional logs of Instagram passwords stored in a readable format—bringing the current estimate of affected IG users to somewhere in the millions range.

photo: Toni Hukkanen via Unsplash 

If you’re wondering if Facebook routinely stores passwords in readable text, the answer is no. The company’s security “best practices” include masking all passwords, making it impossible for anyone (including company employees) to see them. But, in this case, internal problems didn’t allow the proper masking to happen.

Before you worry too much, Facebook assures its users that the problem is fixed. Beyond that, when the initial issue was detected Facebook didn’t find evidence of employee misuse of the readable text passwords.

Users affected by this security issue will receive notification from Facebook. If you haven’t heard anything, but still have concerns, changing your passwords is always a good idea.

—Erica Loop



Here’s What to Do When Your Kid Locks Your iPad—for 25 MILLION Minutes

The Facebook Hack Is Actually a Big Deal. Here’s What You Need to Do ASAP

Worried About Privacy From Amazon’s Alexa? These Easy Settings Will Ease Your Mind