Earlier this year, we reported on a Facebook data breach, in which the world learned that the social media giant had been storing many of its passwords in readable plain text format, 600 million of them, in fact. Now, Facebook reveals Instagram passwords were accidentally stored in plain text on top of it all.
In both cases, Facebook employees had easy access to these passwords even if nothing has been done with them. Also, according to Engadget, this information was “never visible to anyone outside of Facebook.” Despite that, this is yet another privacy transgression by a company that works with personal information. It’s not a good look.
Even worse is that the group shared this news in an update on an old post from about a month ago, the one that revealed the original Facebook news. Back then, the company thought it would only have to tell tens of thousands of users. However, Facebook put out that it was millions of users, not tens of thousands.
It has also been revealed that Facebook accidentally pulled some email contact lists from these same users. Apparently, the number is close to 1.5 million. So, not only does Zuckerberg’s empire have to inform these users of the password breach but also that their email lists have been stolen.
Facebook put out a statement on the situation:
“This is an issue that has already been widely reported, but we want to be clear that we simply learned there were more passwords stored in this way. There is no evidence of abuse or misuse of these passwords.”
It doesn’t seem like any tampering has gone on. But, this doesn’t paint a good picture for those who care about their privacy. Facebook has leaked multiple sets of passwords on top of email lists. Then, they sneakily revealed this information without a public announcement. At least the company is informing those whose info has been violated.