In a damning privacy revelation, Facebook admitted to storing “hundreds of millions” of account passwords in plain text — a flabbergasting breach with good data security practices.
“As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems,” reads a post published today, written by Pedro Canahuati, Facebook’s VP Engineering, Security and Privacy.
200,000 employees could see the passwords, The Verge reports. According to cybersecurity reporter Brian Krebs, who first identified the flaw, between 200 and 600 million Facebook users are affected.