Facebook says recent password leak affected not thousands but millions of Instagram users

Facebook says recent password leak affected not thousands but millions of Instagram users
HIGHLIGHTS

Facebook now says that its password leak affected millions of Instagram users, instead of thousands of users

The company previously acknowledged storing email info of about 1.5 million users.

Last month, Facebook admitted that it stored ‘hundreds of millions’ of account passwords in plaintext via its blog post. The company said that the problem affected hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users. Now, Facebook has updated the blog post to announced that not tens of thousands but millions of Instagram users were affected by the issue. Additionally, the company reiterates its earlier statement that even though the exposed passwords were stored in plaintext, they weren’t abused or accessed improperly. However, it doesn’t describe the basis on which it makes these claims. 

“Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format. We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed,” states the updated Facebook post. There is no detail about how many million users have been affected though. While the company will be notifying the affected users, we suggest our readers to immediately change their passwords. 

As mentioned earlier, Facebook acknowledged that it was saving passwords in plaintext from quite some time. While the company claims that these passwords were stored on its internal servers that were accessible by developers and 2,000 engineers, the data was not leaked outside or inappropriately accessed by anyone. However, as we said, there is no proof provided that the passwords weren’t accessed inappropriately.

The latest revelations by Facebook come soon after it said that it “unintentionally” stored email contacts of 1.5 million users who joined the social network since 2016. The company is said to have imported and stored a users’ email contact list on their servers, without proper consent. Facebook said that before 2016, it asked users to provide their email credentials to verify their account and it displayed a notification to users that their email contacts will be collected. However, the company claims that the feature was changed to delete the notification, but email contacts were still being collected.

Digit NewsDesk

Digit NewsDesk

Digit News Desk writes news stories across a range of topics. Getting you news updates on the latest in the world of tech. View Full Profile

Digit.in
Logo
Digit.in
Logo
Compare items
  • Water Purifier (0)
  • Vacuum Cleaner (0)
  • Air Purifter (0)
  • Microwave Ovens (0)
  • Chimney (0)
Compare
0