• Skip to primary navigation
  • Skip to main content
  • Skip to footer
Vitanium logo

Vitanium

  • Home
  • Products & Services
    • Datahive cloud backup
    • Veeam cloud connect backup
    • Veeam cloud connect for MSPs
    • Veeam Cloud Connect Replication
    • Cloud email filtering
    • Cloud email archiving
    • Virus Protection
  • Solutions
    • Office 365 Solutions
    • Ransomware
    • Business continuity
    • GDPR
    • Backup for education
  • Pricing
    • Datahive backup
    • Veeam cloud connect
    • Cloud email filtering
    • Cloud email archiving
  • Partners
  • About
  • Blog
  • Contact
Facebook search

Facebook Leaves Millions Of Passwords Unencrypted

April 3, 2019

Facebook Leaves Millions Of Passwords Unencrypted

Surprise, surprise, Facebook are at the centre of yet another security fiasco. Someone needs to give their security team a poke and tell them to start following best practices! Is poking even still a thing on Facebook?

I just Googled it and it’s still a thing, but it was made a little less obvious nearly 8 years ago now. However redundant poking is, it seems Facebook aren’t doing too good at hiding their peeking. Back in January they were caught snooping on users’ private conversations on messenger… again. Of course it goes without mentioning the debacle with Cambridge Analytica too.

Even more recently, however, it seems their security hasn’t improved all too much, with the report that they had mistakenly stored hundreds of millions of users’ passwords in plaintext. In other words, it wasn’t encrypted.

To make it even worse, this wasn’t just on Facebook, but also on Instagram. Obviously this list isn’t available anywhere publicly, but there are several internal engineers at Facebook that would have had access to this database through the servers. Now when I say several, at a company as big as Facebook, this translates to over 2000 individuals.

The error was discovered in January during routine security checks and they then performed an internal investigation to find out if any employees abused their access to this data. They found no evidence to suggest that this was the case, but of course there is no way to know for sure that your password hasn’t been compromised. There is no way for them to reliably know if any of the thousands that had access could have taken down copies of any of those account details over the years they were available!

In a statement from Facebook’s Vice President of Engineering, Pedro Canahuati, he said, “To be clear, these passwords were never visible to anyone outside of Facebook, and we have found no evidence to date that anyone internally abused or improperly accessed them.”

Exact numbers have not been confirmed, nor how to know if you have been affected, but as always in cases like this, it’s probably best to change your password again. Better to be safe than sorry!

By the time I posted this, Facebook have already had another hiccup, although more minor. Have a read here about Facebook asking users for their email passwords.

Filed Under: blog

Footer

EMEA

Vitanium

Europe, Middle East & Africa
phone + 44 (0)345 258 1500
email info@vitanium.com

America & Asia

Vitanium

10 Lanidex Plaza West Ste 213
Parsippany, NJ 07054
phone +1 973 526-2979
hotline +1 973 526-2988
email info@vitanium.com

Asia Pacific

phone +65 6353 0555
hotline +65 6353 7448
email info@vitanium.com

Newsletter Optin

Sign up to our newsletter for the latest in backup and data protection solutions. No spam - we promise!

  • LinkedIn
  • Twitter

Useful links

  • Home
  • Datahive cloud backup
  • Veeam cloud connect backup
  • Veeam Cloud Connect Replication
  • Office 365 Solutions
  • Cloud email filtering
  • Cloud email archiving
  • Pricing
  • Partners
  • About
  • Complaints

Copyright © 2021 · Vitanium Cloud Limited.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are as essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.