University Crest

[wlug] For Years, Hundreds of Millions of Facebook Users Had Their Account Passwords Stored in Plain Text and Searchable By Thousands of Facebook Employees

wlug archive index About the wlug list Mailing lists home
To The University of Waikato HomepageWaikato Home > Waikato Mailing Lists > wlug Info > wlug archives
Peter Reutemann fracpete@w...
Fri Mar 22 12:36:02 NZDT 2019

'Hundreds of millions of Facebook users had their account passwords
stored in plain text and searchable by thousands of Facebook employees
-- in some cases going back to 2012, KrebsOnSecurity reported
Thursday. From the report:

Facebook says an ongoing investigation has so far found no indication
that employees have abused access to this data. Facebook is probing
the causes of a series of security failures in which employees built
applications that logged unencrypted password data for Facebook users
and stored it in plain text on internal company servers. That's
according to a senior Facebook employee who is familiar with the
investigation and who spoke on condition of anonymity because they
were not authorized to speak to the press. The Facebook source said
the investigation so far indicates between 200 million and 600 million
Facebook users may have had their account passwords stored in plain
text and searchable by more than 20,000 Facebook employees. The source
said Facebook is still trying to determine how many passwords were
exposed and for how long, but so far the inquiry has uncovered
archives with plain text user passwords in them dating back to 2012.'

-- source:

Cheers, Peter
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174

More information about the wlug mailing list
NOTICE: This is an archive of a public mailing list. The University of Waikato is not responsible for its contents.

The University of Waikato - Te Whare Wananga o Waikato