In another revelation on Thursday, Facebook disclosed that it stored millions of passwords of Instagram users in plaintext. The social networking company mentioned this incident in an update to the earlier blog written on passwords kept in plaintext in its storage systems.
Last month, Facebook admitted that it stored millions of user passwords in ‘a readable format’ after it conducted a security review on January this year. The platforms included Facebook, Facebook Lite and Instagram.
The big picture
Large number of users at risk
Facebook has not revealed the exact number of users affected in the plaintext incident, neither in the case of Instagram users nor Facebook users. However, it is possible that the user base involved might be very large. KrebsonSecurity had earlier reported that the incident had spanned more than a hundred million users.
“The Facebook source said the investigation so far indicates between 200 million and 600 million Facebook users may have had their account passwords stored in plain text and searchable by more than 20,000 Facebook employees,” Brian Krebs wrote. Only future investigations can reveal the actual number of users affected by this incident.