Facebook allegedly stored between 200 and 600 million users’ passwords in plain text, leaving them exposed to about 20,000 employees.
According to Krebs on Security, the passwords were easily searchable to the many Facebook employees going back to 2012.
The company put out a statement about the privacy gap, saying they fixed the issues and will be notifying users whose passwords were inaccurately stored.
“To be clear, these passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them,” the statement reads.
Typically, passwords are protected through encrypted storage that makes them unreadable. In the statement, the social media platform outlines their security measures in place to protect people’s accounts.
Even though the company says users who were affected will not be required to change their passwords, many tech experts are suggesting users do so anyways to insure protection.
Now, see how people reacted to the news on Twitter.
I have no words. This is security 101. Encrypt passwords. 😡😡😡https://t.co/asqJWUlFjM
— Mark Suster (@msuster) March 21, 2019
Move fast and store passwords in plaintext#facebook
— Amir Yousefi (@amiryousefi_) March 22, 2019
Have no fear, though! Facebook is providing an extra layer of security by allowing you to bypass that pesky password requirement for logging in: pic.twitter.com/145k72HdJo
— Emily Claire Goldman (@mle_goldman) March 22, 2019
In over a decade, there has not been one news story about Facebook that made me think better of it. Not one.
Change your passwords straight away, folks. https://t.co/PNwEQPxhyc
— Phil Plait (@BadAstronomer) March 22, 2019
Additionally, in lighter news, here’s how you can enable “dark mode” on Facebook to live your true emo fantasies even when you’re scrolling through your timeline. Yes, that’s how strong our brand is.
What do you think of the Facebook security news? Sound off in the comments below!