Welcome to WebmasterWorld Guest from 34.204.189.171

Forum Moderators: not2easy

Facebook Stored Millions of Unencrypted Passwords

     
5:22 pm on Mar 21, 2019 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:26372
votes: 1035


According to a report, Facebook has stored between 200 million, and 600 million user passwords unecrypted, and the data was searchable within Facebook's employees.

Can the bad news about security an privacy get any worse for Facebook!

Facebook is probing a series of security failures in which employees built applications that logged unencrypted password data for Facebook users and stored it in plain text on internal company servers. Thatís according to a senior Facebook employee who is familiar with the investigation and who spoke on condition of anonymity because they were not authorized to speak to the press.

The Facebook source said the investigation so far indicates between 200 million and 600 million

[krebsonsecurity.com...]

Earlier stores
Facebook Receives Criticism Over Phone Number "Look-Up" [webmasterworld.com]
Report: F.T.C. and Facebook Negotiating Multi-Billion Dollar Fine Over its Privacy Practices [webmasterworld.com]
Facebook, WhatsApp and Instagram Data Unification Stopped in Germany [webmasterworld.com]
Facebook Comes Under Fire Again For Use of Access to User Data [webmasterworld.com]
Facebook Appeals £500,000 UK Regulator Fine Over Cambridge Analytica [webmasterworld.com]
5:43 pm on Mar 21, 2019 (gmt 0)

Senior Member

WebmasterWorld Senior Member Top Contributors Of The Month

joined:Apr 1, 2016
posts:2711
votes: 822


"We messed, we are going to do better, we're sorry." says Zuck again....

At this point he should just create a bot version of himself that he can send on a continuous apology tour. The bot may actually come across as being more sincere than the real thing.
10:39 pm on Mar 21, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:10461
votes: 1095


One wonders what the employees might have done with access to such info. Inquiring minds want to know.
12:52 pm on Mar 22, 2019 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:26372
votes: 1035


Facebook confirmed that they have no evidence that the passwords were leaked. However, the sheer number of employees that had access to the data might be an issue in time to come.

The company said...
We have fixed these issues and as a precaution we will be notifying everyone whose passwords we have found were stored in this way.


[newsroom.fb.com...]
11:14 pm on Mar 24, 2019 (gmt 0)

Preferred Member

10+ Year Member Top Contributors Of The Month

joined:July 23, 2004
posts:596
votes: 103


We offer social media management services here for our clients that want it, and this weekend Facebook was quite effectively dumped from the list.
I don't have the time -- Granted, every social platform is going to have it's own fair share of issues, but this whole Facebook deal is getting to be a bit over the top, and I'm just not interested in helping to support a platform that continues to play fast and loose with it's user base in such a fashion.

I'll be looking at Facebook in much the same way as I looked at MySpace going forward --
8:06 pm on Mar 25, 2019 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:May 1, 2018
posts: 103
votes: 17


Funny that people still dont get it.. their address is 1 Hacker Way, Menlo Park, 94025... do you think they named it that because they stop hackers?
2:57 pm on Apr 19, 2019 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:26372
votes: 1035


Facebook updates its post from earlier in this thread and it now seems million of Instagram users were affected, and not tens of thousands, as previously believed.

(Update on April 18, 2019 at 7AM PT: Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format. We now estimate that this issue impacted millions of Instagram users.

[newsroom.fb.com...]

Is this hiding the announcement by putting an update on the March 21, post.

How many holes is FB digging!