A Facebook, Instagram bug exposed millions of company user’s password to its employees. Facebook software meant to encrypt user passwords from its employee access has failed, leaving millions of users passwords visible to all its network employees. This bug was first discovered in routine review in January and then it was fixed. This bug has exposed passwords for users on Facebook, Facebook Lite, and Instagram.
Facebook said it hasn’t found any evidence that the passwords were compromised externally. The bug has only exposed plain text passwords for the company’s employees. The company also said they didn’t find any evidence of employees misusing the information.
Facebook says it will report the bug to all its users. Facebook estimates millions of users were affected by it. Facebook Lite designed for slower connection devices is also affected by this bug. Millions of Facebook users could have affected by this bug and also thousands of Instagram users.
The Facebook official statement via a blog post by Pedro Canahuati “In the course of our review, we have been looking at the way we store certain other categories of information — like access tokens — and have fixed problems as we’ve discovered them.” and he also said “There is nothing more important to us than protecting people’s information, and we will continue making improvements as part of our ongoing security efforts at Facebook.”
As a concern by Facebook, Instagram users can reset their passwords for both Facebook and Instagram. For further protection, users can enable security keys and two-factor authentication. We would recommend the users to use third-party authentication app instead of using a phone number.
Related Blog – You Can’t Delete Or Hide Your Phone Number On Facebook