Facebook revealed that it has kept a record of hundreds of millions of user passwords in plain text.
The social media giant’s Vice President of Engineering, Security and Privacy, Pedro Canahuati, wrote in a blog post that hundreds of millions of Facebook Lite users will be notified about this and so will the millions of Facebook and Instagram users.
Facebook Lite is a version of Facebook which is used in areas with weak connectivity.
According to Canahuati the mistake they made was noticed in January but did failed to comment on why an announcement wasn’t made about the issue at the time. Instead, the announcement came over two months later.
“As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems,” said Canahuati.
He also stated that the passwords which were stored were never visible to anyone outside Facebook and that they were not abused or improperly used by any of the staff.
“This caught our attention because our login systems are designed to mask passwords using techniques that make them unreadable.
We have fixed these issues and as a precaution we will be notifying everyone whose passwords we have found were stored in this way.”