Connect with us

Technology

Facebook reveals ‘millions’ of Instagram passwords were exposed

Published

on

Millions of Instagram passwords were exposed by Facebook.
Millions of Instagram passwords were exposed by Facebook.

Image: Chesnot / Getty Images

Welp, it looks like millions of Instagram accounts were left out in the open for Facebook employees to see. 

A full month after Facebook admitted it mistakenly stored hundreds of million of passwords in plaintext where employees could see them, the company quietly added a significant update: that millions of Instagram passwords were also affected.

“Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format,” Facebook wrote. “We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed.”

The company did not offer an explanation on why it took four weeks for this additional piece of information to be added to its initial disclosure, or why it chose to do so at almost exactly the same time as the entire freaking Mueller report dropped.

The initial password issue was only disclosed after KrebsOnSecurity revealed its existence thanks to an anonymous tipster. About 20,000 employees had access to the passwords, according to his sources. Now, we know “millions” of Instagram passwords were also floating around for employees to find, though Facebook says it’s found no evidence of that happening. 

But even though Facebook claims nothing nefarious came of the blunder, it’s alarming that the company would be so careless with Instagram passwords. Many Instagram users are already deal with frequent hacking attempts, and users whose accounts are hacked are often unable to get them back because of Instagram’s flawed support system. That so many passwords were exposed doesn’t support the company’s assertions that it cares about its users’ security.

It’s equally troubling that the company would wait for one of the most momentous political events in recent memory to disclose the information and would bury it in a month-old press release. Instagram says it will notify those affected directly, so all users should probably keep an eye out for any emails from Instagram. (And, needless to say, if you do get such an email from Facebook, you should definitely change you password.)

Uploads%252fvideo uploaders%252fdistribution thumb%252fimage%252f91053%252fcb921bce 46f8 4c55 ae58 f986cd86c690.jpg%252foriginal.jpg?signature=ooflwrvl5j jmcu55kq3a26o4dc=&source=https%3a%2f%2fblueprint api production.s3.amazonaws

Continue Reading
Advertisement Find your dream job

Trending