A rather
shocking vulnerability was uncovered by security researcher Brian Krebs, who
reports that Facebook left the passwords of approximately 200 to 600 million
users simply ‘stored’ in plain text.
A huge number
of Facebook, Facebook Lite, and Instagram users may have had their passwords
exposed as the aftereffect of a disturbing oversight by the social networking
company.
Facebook
just previously learned of the issue this past January and has since affirmed
the shocking security failure, yet persists it has fixed the issue and has not
discovered any proof that the data was 'abused.'
Albeit all
users whose passwords were exposed will be informed, the 'shocking flaw' comes
so far another blow to the already melting away trust of numerous Facebook
users in the midst of the two years of consecutive privacy scandals.
The firm is
as yet attempting to decide precisely the exact number of passwords which were
exposed and to what extent, assures a source at Facebook who cautioned Krebs of
the issue in the first place.
‘It’s
so far unclear what caused some users’ passwords to be left exposed. To be
clear, these passwords were never visible to anyone outside of Facebook and we
have found no evidence to date that anyone internally abused or improperly
accessed them, we estimate that we will notify hundreds of millions of Facebook
Lite users, tens of millions of other Facebook users, and tens of thousands of
Instagram users.'
- Facebook released a public statement with Krebs' report
and affirms that it revealed the plain text passwords amid a standard security
review in January.
In any case while Facebook says no password reset is as such
required, it will caution the users if their information has been abused or
will be abused in any way, the security experts still recommend the users to
change their current passwords.
