Facebook had stored hundreds of millions of user passwords in plain text since 2012, meaning they could have easily been accessed and read by more than 20,000 of its employees.
The details: In a carefully worded statement, Facebook said it hadn’t found any evidence of abuse, but it promised to start alerting users about the issue. It said people would not need to reset their passwords (although some experts have advised they do so anyway).
You can also opt to receive notifications if an unfamiliar device logs into your account. It’s worth noting the leak was purely internal, so none of the passwords were exposed outside of Facebook’s walls.
Timing: Facebook announced the mishap yesterday in a blog post (innocuously titled “Keeping Passwords Secure”), roughly at the same time as cybersecurity researcher Brian Krebs reported it on his blog. However, Facebook originally found the issue back in January, which does make you wonder if the company would have reported it publicly if left to its own devices.
They just keep coming: This is yet another major embarrassment for Facebook, which spends vast sums of money employing top cybersecurity professionals. Storing passwords in plain text is a terrible practice from a security point of view, and you’d expect better from a company of Facebook’s size and wealth. It seems that not a week goes by without yet more bad news, from the fallout of the Cambridge Analytica scandal (a year ago last weekend) to the range of lawsuits it’s facing across the world.
Sign up here to our daily newsletter The Download to get your dose of the latest must-read news from the world of emerging tech.
This startup wants to copy you into an embryo for organ harvesting
With plans to create realistic synthetic embryos, grown in jars, Renewal Bio is on a journey to the horizon of science and ethics.
VR is as good as psychedelics at helping people reach transcendence
On key metrics, a VR experience elicited a response indistinguishable from subjects who took medium doses of LSD or magic mushrooms.
This artist is dominating AI-generated art. And he’s not happy about it.
Greg Rutkowski is a more popular prompt than Picasso.
This nanoparticle could be the key to a universal covid vaccine
Ending the covid pandemic might well require a vaccine that protects against any new strains. Researchers may have found a strategy that will work.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.