A bug caused Facebook to store millions of users’ passwords in plain text that can be accessed by thousands of Facebook employees, according to Krebs on Security.
The issue has since been fixed. Facebook has reiterated that the passwords were never visible to anyone outside the company. According to their ongoing investigation though, user passwords as far back as 2012 may have been exposed.
It is believed that between 200 million and 600 million Facebook users may have been affected. Over 20,000 Facebook employees had access to the passwords.
Needless to say, change your Facebook and Instagram passwords immediately. It is better to be on the safe side on this one.
Facebook reiterates that you secure your account further with a combination of common sense and available tools.
- Change your passwords by going to settings on Facebook and Instagram. Avoid using the same passwords across different services.
- Pick strong and complex passwords for all your accounts. Password manager apps can help.
- Enable a security key or two-factor authentication to protect your Facebook account further. When you log in with your password, they will ask for a security code or tell you to tap your security key to verify that it is you.
In October 2018, a Facebook breach was uncovered and believed to have affected over 750,000 Facebook users in the Philippines.