Facebook CEO, Mark Zuckerberg, has talked about how he wanted to make Facebook a “privacy-focused platform“. As a result of previous leaks, Facebook announced they “found some user passwords were being stored in a readable format within [their] internal data storage systems”.
How Facebook Store Passwords
It is estimated that 200-600 million user passwords were stored in a plain text file on Facebook’s internal server, dating back to 2012. This means that instead of seeing a scrambled, unrecognizable version of a password, more than 20,000 Facebook employees could search and see your password in a readable format, like:
These passwords were never visible to people outside of Facebook. Facebook stated that they have “found no evidence to date that anyone internally abused or improperly accessed them”.
So although things could have been much worse, it’s still not great. If you are thinking that this seems like a basic mistake that shouldn’t have happened, well you’d be right.
When did this happen?
When Facebook found the breach, it was during a routine security review. They only admitted to the leak about nearly 3 months later after the review.
Facebook has stated “this caught our attention because our login systems are designed to mask passwords using techniques that make them unreadable. We have fixed these issues and as a precaution we will be notifying everyone whose passwords we have found were stored in this way.”
What should you do?
Although Facebook said they’ll contact users who were affected we’d still recommend you change your Facebook password right away. Make sure you are not using one of the worst passwords of 2019. Why not? You can never be too careful when it comes to your privacy.
Like we’ve mentioned in the past, if you can, it’s always a good idea to turn on two-factor authentication. This means even if someone has your password, they’ll still need a second code/authentication to get into your account. Usually, this is a code sent to your phone or generated somewhere else that you’ll need to input.