Today in New Delhi, India
Apr 21, 2019-Sunday
-°C
New Delhi
  • Humidity
    -
  • Wind
    -

Facebook admits storing millions of passwords in plain text on internal servers

During a security review in January, Facebook found that the passwords were stored in a readable format, against its security procedures, but that they were never visible to anyone outside of the company.

tech Updated: Mar 21, 2019 22:19 IST
Bloomberg
Bloomberg
facebook,facebook passwords,FB
Facebook has admitted that millions of passwords were stored in plain text on its internal servers, a security slip that left them readable by the social networking giant’s employees(REUTERS)

Facebook Inc. disclosed a flaw on its social network that made passwords of hundreds of millions of users visible to employees and said the issue has now been fixed.

During a security review in January, Facebook found that the passwords were stored in a readable format, against its security procedures, but that they were never visible to anyone outside of the company. Most of the accounts affected were using Facebook Lite, a version of the app designed for emerging markets. The company said it hasn’t found evidence this access was abused.

Facebook disclosed the problem after the security blog KrebsOnSecurity learned about it from an internal source. Krebs said the issue dated back to 2012 in some cases.

“The Facebook source said the investigation so far indicates between 200 million and 600 million Facebook users may have had their account passwords stored in plain text and searchable by more than 20,000 Facebook employees,” KrebsOnSecurity wrote.

First Published: Mar 21, 2019 22:06 IST