Facebook Employees Could Access Unencrypted Passwords for Millions of Users


Level 37
Feb 4, 2016
As part of a seemingly never-ending stream of security blunders, Facebook disclosed today that the passwords of hundreds of millions of Facebook and Instagram users were stored in plain text for years on internal data storage systems.

According to Pedro Canahuati, VP Engineering, Security and Privacy:

To be clear, these passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them. We estimate that we will notify hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users. Facebook Lite is a version of Facebook predominantly used by people in regions with lower connectivity.

The issue was discovered by Facebook during a routine security review from January 2019, when they discovered that "some user passwords were being stored in a readable format within our internal data storage systems."


Level 31
Content Creator
May 13, 2017
So much for the encrypted private communication on FB. :D

Many services do not even have access to user's passwords for security and privacy reasons, obviously FB is not one of them.