Facebook has been storing millions of Instagram user passwords & uploaded email contacts

author-image
Paawan Sunam
New Update
Facebook


Facebook states that they have discovered logs of Instagram passwords being stored in readable format that has impacted millions of Instagram users.

Facebook claims that their investigation found that stored passwords were not internally abused or improperly accessed.

The issue had first surfaced in March, when Facebook said that as a part of routine security review in January, they found that user passwords were being stored in readable format within their data storage systems. It reportedly affected hundreds of millions of Facebook Lite users and tens of millions of other Facebook users.

Also Read: Facebook tests integrating Stories and News Feed into one swipeable feed

Passwords should be stored in an encrypted format, for the website to confirm it without reading it. Various errors seemed to have caused Facebook's systems to store passwords in plain text since as early as 2012, as reported by Kerbs.

In another recent scandal by Facebook, they "unintentionally uploaded" email contacts of 1.5 million new Facebook users since May 2016. A security researcher had noticed Facebook was asking users for their email passwords and Business Insider then discovered that once an email password was entered, a pop-up appeared saying that it was importing your contacts without asking for permission first. In a statement made to Business Insider a company spokesperson said, it "unintentionally uploaded" the email contacts and is now deleting them.

Instagram Facebook Business Insider facebook lite company Email instagram users contacts users security review issue statement researcher security researcher email contacts Facebook Lite users passwords permission routine security review user passwords