Facebook Stored Hundreds of Millions Passwords in Plain Text, Thousands of Employees Had Access

by

Facebook today announced that during a routine security review it discovered "some user passwords" were stored in a readable format within its internal data storage systems, accessible by employees.

As it turns out, "some user passwords" actually means hundreds of millions of passwords. A Facebook insider told KrebsOnSecurity that between 200 and 600 million Facebook users may have had their account passwords stored in plain text in a database accessible to 20,000 Facebook employees. Some Instagram passwords were also included, and Facebook claims many of the passwords came from Facebook Lite users.

facebooksecurity
Facebook says that there's no "evidence to date" that anyone within Facebook abused or improperly accessed the passwords, but KrebsOnSecurity's source says 2,000 engineers or developers made around nine million internal queries for data elements that contained plain text user passwords.

Facebook employees reportedly built applications that logged unencrypted password data, which is how the passwords were exposed. Facebook hasn't determined exactly how many passwords were stored in plain text, nor how long they were visible.

Facebook plans to notify users whose passwords were improperly stored, and the company says that it has been looking at the ways certain categories of information, such as access tokens, are stored, and correcting problems as they're found.

"There is nothing more important to us than protecting people's information, and we will continue making improvements as part of our ongoing security efforts at Facebook," reads Facebook's blog post.

Facebook and Instagram users who are concerned about their account security should change their passwords, using unique passwords that are different from passwords used on other sites. Facebook also recommends users enable two-factor authentication.

Tag: Facebook

Popular Stories

iOS 26 Battery Glass Feature

iPhone 16 Pro Max 80% Charge Limit: One Year Later, Was It Worth It?

Wednesday September 24, 2025 3:58 pm PDT by
With the iPhone 15 series, I did an experiment and kept my iPhone's Charge Limit set at 80 percent for an entire year. It provided an interesting look at the impact of charge limits on battery longevity, so I decided to repeat it for the iPhone 16 line. Since September 2024, my iPhone 16 Pro Max has been limited to an 80 percent charge, with no cheating. As of today, my battery's maximum...
Read Full Article569 comments
Home Hub Command Center with Dome Base Feature

Apple Working on All-New Operating System

Thursday September 25, 2025 1:11 pm PDT by
Apple is developing an all-new operating system codenamed "Charismatic," according to Bloomberg's Mark Gurman. Apple smart home hub concept based on rumors This is likely Apple's long-rumored "homeOS" operating system. In a report last month, Gurman said both Apple's rumored smart home hub in 2026 and tabletop robot in 2027 will run the new operating system. He said the software platform ...
Read Full Article
AirPods Pro 3 Newsroom

Apple's 'Back to School' Offer Ends Soon, Now Applies to AirPods Pro 3

Wednesday September 24, 2025 7:20 am PDT by
Apple's annual "Back to School" promotion for students ends soon, so act fast if you want to score free AirPods with the purchase of an eligible new Mac or iPad. Until Tuesday, September 30, college students and qualifying educational staff in the U.S. can receive free AirPods 4 with Active Noise Cancellation when they purchase an eligible new Mac or iPad from Apple. This is a $179 value. ...
Read Full Article17 comments
iOS 26

iOS 26.0.1 Update for iPhones Coming Soon — Here's What to Expect

Thursday September 25, 2025 12:40 pm PDT by
Apple is preparing to release iOS 26.0.1, according to a private account on X with a proven track record of sharing information about future iOS versions. MacRumors has also seen evidence of iOS 26.0.1 in its visitor logs in recent days. It is likely that iOS 26.0.1 will fix a camera-related bug on the new iPhone Air and iPhone 17 Pro models. In his iPhone Air review, CNN Underscored's...
Read Full Article
iPhone 17 Pro Colors

Skipped the iPhone 17 Pro? Here's What is Rumored for iPhone 18 Pro

Tuesday September 23, 2025 8:55 am PDT by
While the iPhone 18 Pro and iPhone 18 Pro Max are still a year away, there are already a few rumors about the devices that offer an early look ahead. Below, we have recapped some of the early iPhone 18 Pro rumors so far. This story was published previously, and it has been updated to reflect the latest rumors. Many early rumors prove to be true, but nothing is confirmed yet, and Apple's...
Read Full Article106 comments
iOS 26

Everything New in iOS 26.1 Beta 1

Monday September 22, 2025 12:44 pm PDT by
Apple released the first beta of iOS 26.1 today, just a week after launching iOS 26. iOS 26.1 mainly adds new languages to Apple Intelligence, but there are a few other features that are worth knowing about. New Apple Intelligence Languages Apple Intelligence is now available in Danish, Dutch, Norwegian, Portuguese (Portugal), Swedish, Turkish, Chinese (Traditional), and Vietnamese. AirPo...
Read Full Article143 comments
apple tv 4k new orange

Next Apple TV Expected to Launch This Year With These New Features

Monday September 22, 2025 10:00 am PDT by
The next Apple TV is expected to be released later this year, and a handful of new features and changes have been rumored for the device. Below, we recap what to expect from the next Apple TV, according to rumors. Likely Features N1 Chip With Wi-Fi 7 Last year, Bloomberg's Mark Gurman said the next Apple TV would be equipped with Apple's own combined Wi-Fi and Bluetooth chip, which is...
Read Full Article102 comments
Apple More Personal Siri Ad

Apple Responds to U.S. Class Action Lawsuit Over Delayed Siri Features

Friday September 26, 2025 6:57 am PDT by
In March, Apple delayed the launch of its personalized Siri features, and soon after the company was hit with multiple class action lawsuits over the situation. The plaintiffs said they never would have purchased an iPhone 16, or would have paid less, had they known Apple's marketing about the Siri features was false. In the U.S., all of the complaints were consolidated into one class...
Read Full Article159 comments

Top Rated Comments

dannyyankou Avatar
dannyyankou
85 months ago
Delete Facebook and delete your accounts
Score: 104 Votes (Like | Disagree)
wesleypitts Avatar
wesleypitts
85 months ago
How is this company not being criminally prosecuted?
Score: 84 Votes (Like | Disagree)
JimmyBanks6 Avatar
JimmyBanks6
85 months ago
While many are saying "is anyone surprised" I actually am at this.

This is one of the largest corporations in the world, whose sole business is its internet applications, and they ignored one of the most basic security expectations of hashing a password?

That is absolutely surprising and shameful and there is no excuse from them that is acceptable.
Score: 47 Votes (Like | Disagree)
AngerDanger Avatar
AngerDanger
85 months ago
Consider my mind blown.

Score: 35 Votes (Like | Disagree)
1050792 Avatar
1050792
85 months ago
I'm shocked at Facebook's lack of security!
Said nobody.
Score: 34 Votes (Like | Disagree)
johnalan Avatar
johnalan
85 months ago
Disgusting.


Use privacy enhancing tech or pay the price, in future privacy will be currency.

* GPG
* Veracrypt
* Monero
* VPN
* DuckDuckGo
* Pi.hole
Score: 31 Votes (Like | Disagree)
Read All Comments