Facebook had stored hundreds of millions of user passwords in plain text since 2012, meaning they could have easily been accessed and read by more than 20,000 of its employees.
The details: In a carefully worded statement, Facebook said it hadn’t found any evidence of abuse, but it promised to start alerting users about the issue. It said people would not need to reset their passwords (although some experts have advised they do so anyway).
You can also opt to receive notifications if an unfamiliar device logs into your account. It’s worth noting the leak was purely internal, so none of the passwords were exposed outside of Facebook’s walls.
Timing: Facebook announced the mishap yesterday in a blog post (innocuously titled “Keeping Passwords Secure”), roughly at the same time as cybersecurity researcher Brian Krebs reported it on his blog. However, Facebook originally found the issue back in January, which does make you wonder if the company would have reported it publicly if left to its own devices.
They just keep coming: This is yet another major embarrassment for Facebook, which spends vast sums of money employing top cybersecurity professionals. Storing passwords in plain text is a terrible practice from a security point of view, and you’d expect better from a company of Facebook’s size and wealth. It seems that not a week goes by without yet more bad news, from the fallout of the Cambridge Analytica scandal (a year ago last weekend) to the range of lawsuits it’s facing across the world.
Sign up here to our daily newsletter The Download to get your dose of the latest must-read news from the world of emerging tech.
A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook?
Robot vacuum companies say your images are safe, but a sprawling global supply chain for data from our devices creates risk.
A startup says it’s begun releasing particles into the atmosphere, in an effort to tweak the climate
Make Sunsets is already attempting to earn revenue for geoengineering, a move likely to provoke widespread criticism.
10 Breakthrough Technologies 2023
These exclusive satellite images show that Saudi Arabia’s sci-fi megacity is well underway
Weirdly, any recent work on The Line doesn’t show up on Google Maps. But we got the images anyway.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.