Facebook revealed that they have accidentally saved a copy of passwords of its millions of users in plaintext. This security incident has also affected Instagram accounts too.
The company admitted that they have discovered this error in January during a routine security check but they did not mention in detail what application on its website had caused this issue to occur. The passwords were readable to those Facebook employees who have internal access to the servers and the database.
Facebook had stated in their blog post that they have conducted investigation regarding the incident and no employee has been found abusing the passwords.
Facebook’s vice president of engineering Pedro Canahuati, confirmed that the passwords were never visible to anyone outside of Facebook, and there is no evidence of anyone internally accessing them.
The exact number of users who were affected by the problem is not mentioned. However, the company would begin to notify their millions of affected Facebook Lite users, millions of other Facebook users, and thousands of Instagram users.
The issue has been resolved now and the users are recommended to change their Facebook and Instagram passwords at the earliest.
All the Facebook and Instagram users are always highly recommended to enable two-factor authentication, login alert feature, use a secure VPN software, password manager, and physical security keys to keep their safe.
This is a new security breach for Facebook. A similar incident occurred to Twitter last year when it unintentionally exposed passwords of its 330 million users in readable text on its internal computer system.