FILE PHOTO: Silhouettes of the mobile users are displayed next to a screen projection of Facebook logo in this photo illustration March 28, 2018. REUTERS/dado Ruvic/Illustration
(Reuters) – Facebook Inc said on Thursday it has resolved a glitch that passwords of millions of users stored in readable format, within its internal systems to its employees.
The passwords were accessible to as many as 20,000 Facebook employees and dated as early as in 2012, cyber security blog KrebsOnSecurity, which first reported said in its report.
“These passwords are never visible to anyone outside of Facebook and we have found no evidence so far that everyone internally is abused or improperly accessed,” the company said.
KrebsOnSecurity, quoting a senior Facebook employee, said an internal investigation by the company so far it appears that there are between 200 million and 600 million Facebook users had their account passwords that are stored in plain text.
Facebook said that the problem was discovered in January as part of a routine security review. The majority of the affected were users of Facebook Lite, a version of the social media app used largely by people in regions with lower connectivity.
The social network is also probing the causes of a series of safety failures, where employees built applications that are logged on non-encrypted password details for Facebook users, the report said.
“We estimate that We will be hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users,” the company said.
Reporting by Shariq Khan and Munsif Vengattil in Bengaluru; Editing by Arun Koyyur