Millions of Facebook users passwords saved as plain text in major security flaw
After Cambridge Analytics fiasco, social networking site Facebook is again in the limelight for the wrong reasons. Facebook password of millions of users has been leaked internally. That is, the company stored passwords in plain text. According to Krebs Security, this has been done for years, and in such a way, potentially working employees inside Facebook could access user profile with it. Generally, passwords are protected with encryption.
Facebook has also confirmed that the company has stored the password of the users in plain text. However, the company has also said that till now it is not known that its use has gone wrong. It is being reported that 200 to 600 million Facebook users are affected by it.
Facebook has said that the affected users are being sent a notification to change their password. According to Facebook, this issue has now been fixed. The flaw has been reported by Krebs first and Facebook has posted an article with ‘Keeping Password Secure’ headline in which the company has said clearly stated that Facebook has stored users’ passwords in plain text.
Facebook has said that the company has no evidence to say that the plain text password has been used in or out of the company. That is, not all users need to change the password. According to Facebook, millions of Facebook Lite users and other Facebook users are affected by this, that their passwords were kept in plain text. Not only this, Facebook has also said that over 10 thousand instagram users are also affected by this.
According to a report by Krebs Security, Facebook’s sources have told that the company is investigating the matter and so far it has been found that the passwords of 200 to 600 million users were stored in plain text. The most dangerous thing is that more than 20,000 Facebook employees could gain access to the affected users profile without the knowledge of the user. Although Facebook’s source has said that the company is still trying to figure out how many passwords have been affected.
