Facebook Stored Hundreds of Millions Passwords in Plain Text, Thousands of Employees Had Access

by

Facebook today announced that during a routine security review it discovered "some user passwords" were stored in a readable format within its internal data storage systems, accessible by employees.

As it turns out, "some user passwords" actually means hundreds of millions of passwords. A Facebook insider told KrebsOnSecurity that between 200 and 600 million Facebook users may have had their account passwords stored in plain text in a database accessible to 20,000 Facebook employees. Some Instagram passwords were also included, and Facebook claims many of the passwords came from Facebook Lite users.

facebooksecurity
Facebook says that there's no "evidence to date" that anyone within Facebook abused or improperly accessed the passwords, but KrebsOnSecurity's source says 2,000 engineers or developers made around nine million internal queries for data elements that contained plain text user passwords.

Facebook employees reportedly built applications that logged unencrypted password data, which is how the passwords were exposed. Facebook hasn't determined exactly how many passwords were stored in plain text, nor how long they were visible.

Facebook plans to notify users whose passwords were improperly stored, and the company says that it has been looking at the ways certain categories of information, such as access tokens, are stored, and correcting problems as they're found.

"There is nothing more important to us than protecting people's information, and we will continue making improvements as part of our ongoing security efforts at Facebook," reads Facebook's blog post.

Facebook and Instagram users who are concerned about their account security should change their passwords, using unique passwords that are different from passwords used on other sites. Facebook also recommends users enable two-factor authentication.

Tag: Facebook

Popular Stories

iOS 26 Battery Glass Feature

iOS 26.1 Beta Liquid Glass Battery Drain Test: Tinted vs Clear Mode

Friday October 24, 2025 2:30 pm PDT by
In the fourth iOS 26.1 beta, Apple added a "Tinted" option that reduces the translucency of Liquid Glass for those who prefer a more opaque look. I saw some comments wondering whether the setting might preserve battery life, so I thought I'd do some testing. Test Settings I did four separate tests using the iPhone 17 Pro Max, and I kept the parameters as similar as possible. Here are the...
Read Full Article101 comments
iOS 26

iOS 26.1 Coming Soon With These 8 New Features for Your iPhone

Wednesday October 22, 2025 6:15 am PDT by
The upcoming iOS 26.1 update includes a handful of new features and changes for iPhones, including a toggle for changing the appearance of the Liquid Glass design, "slide to stop" for alarms in the Clock app, and more. iOS 26.1 is currently in beta testing. The update will likely be released in the first half of November, and it is compatible with the iPhone 11 series and newer, but some...
Read Full Article34 comments
iOS 26 Maps Glass

Apple Reportedly Moving Ahead With Ads in Maps App

Sunday October 26, 2025 6:22 am PDT by
Apple Maps could feature integrated ads as soon as next year, Bloomberg's Mark Gurman reports. In his latest "Power On" newsletter, Gurman said that Apple's plan to bring more ads to iOS is moving "gaining traction," with the Maps app being next in line. The project will apparently give restaurants and other businesses the option to pay to have their details featured more prominently in...
Read Full Article375 comments
Emergency SOS via Satellite iPhone YT

iPhone 18 Pro Rumored to Support Full 5G Satellite Internet

Friday October 24, 2025 7:18 am PDT by
At least some new iPhone models launching next year may support full 5G satellite internet, according to a report this week from The Information. "Apple plans to add support in upcoming iPhones as early as next year for 5G networks that aren't tethered to Earth's surface, which includes satellites," the report said. "That would give the iPhone full internet access over satellite," it added. ...
Read Full Article55 comments
trump white house ballroom

Apple Donating to Trump's $350M White House Ballroom Project

Thursday October 23, 2025 3:55 pm PDT by
Apple is one of several tech companies that will contribute to the construction of U.S. President Donald Trump's 90,000-square-foot ballroom, reports CNN. Construction began on the ballroom this week, and the White House's east wing was torn down. Trump claims that the ballroom will cost $350 million, and that it will be privately funded through donations. The cost has already increased $150 ...
Read Full Article656 comments
iPhone 17 Colors

iPhone 18 Rumored to Feature 50% More RAM

Saturday October 25, 2025 2:57 am PDT by
Apple's upcoming iPhone 18 could feature 50% more memory than its predecessor, according to Korea's The Bell. With its latest iPhone lineup, the iPhone Air, iPhone 17 Pro, and iPhone 17 Pro Max feature 12GB of memory. This is a significant increase of 4GB more their predecessors, largely driven by the demands of on-device artificial intelligence processing. The iPhone 17 is the only new...
Read Full Article87 comments
All Screen iPhone 2027 Feature 1

Report: Apple to Skip 'iPhone 19' Name for 'iPhone 20'

Thursday October 23, 2025 4:28 am PDT by
Apple's new iPhone lineup launched in the fall of 2027 will be called the "iPhone 20" models, rather than the "iPhone 19," according to research firm Omdia. Speaking at a conference in Seoul (via ETNews), Omdia Chief Researcher Heo Moo-yeol corroborated rumors that Apple plans to move the launch of its standard iPhone to the first half of the year and provided some additional clarity about...
Read Full Article158 comments
iOS 26 Feature

iOS 26 Leaker Being Sued by Apple is Actually a 'Lifelong Apple Fanboy'

Friday October 24, 2025 9:20 am PDT by
In July, Apple sued well-known YouTuber Jon Prosser and his acquaintance Michael Ramacciotti over alleged theft of the company's trade secrets, after Prosser leaked some iOS 26 details in videos uploaded to his YouTube channel Front Page Tech. If you are not caught up on the lawsuit, read our initial coverage to learn more. Earlier this week, Prosser told The Verge he has "been in active...
Read Full Article87 comments
maxresdefault

The MacRumors Show: iPhone Air Is in Trouble

Friday October 24, 2025 8:32 am PDT by
On this week's episode of The MacRumors Show, we discuss the latest rumors about the iPhone Air not selling as well as Apple hoped. Subscribe to The MacRumors Show YouTube channel for more videos There have been many recent reports suggesting the iPhone Air has failed to catch on with consumers, with Apple moving to cut production due to lower-than-expected sales. The first warning sign was...
Read Full Article188 comments

Top Rated Comments

dannyyankou Avatar
dannyyankou
86 months ago
Delete Facebook and delete your accounts
Score: 104 Votes (Like | Disagree)
wesleypitts Avatar
wesleypitts
86 months ago
How is this company not being criminally prosecuted?
Score: 84 Votes (Like | Disagree)
JimmyBanks6 Avatar
JimmyBanks6
86 months ago
While many are saying "is anyone surprised" I actually am at this.

This is one of the largest corporations in the world, whose sole business is its internet applications, and they ignored one of the most basic security expectations of hashing a password?

That is absolutely surprising and shameful and there is no excuse from them that is acceptable.
Score: 47 Votes (Like | Disagree)
AngerDanger Avatar
AngerDanger
86 months ago
Consider my mind blown.

Score: 35 Votes (Like | Disagree)
1050792 Avatar
1050792
86 months ago
I'm shocked at Facebook's lack of security!
Said nobody.
Score: 34 Votes (Like | Disagree)
johnalan Avatar
johnalan
86 months ago
Disgusting.


Use privacy enhancing tech or pay the price, in future privacy will be currency.

* GPG
* Veracrypt
* Monero
* VPN
* DuckDuckGo
* Pi.hole
Score: 31 Votes (Like | Disagree)
Read All Comments