Facebook does not seem to be catching any break and unfortunately for the company, all the issues it is facing revolve around user privacy. The latest incident involves a “bug” that allowed Facebook employees to see user passwords in plain text.
The issue, which Facebook claims to have fixed, resulted in user passwords being saved in plain text instead of in an encrypted format. Normally, Facebook stores passwords using a technique known as scrypt, which converts the person’s passwords to a random string of characters, and it permits the social media giant to store and authenticate passwords without storing them in a readable format.
This new bug resulted in millions of passwords (up to 600 million to be precise) being accessible to Facebook employees and God knows who else. According to Facebook, a majority of those affected are users of Facebook Lite – quite a common app in Kenya and unfortunately, Facebook’s report also indicates that tens of thousands of Instagram accounts were also affected by the bug.
If we’re to believe the social media giant, apparently no one abused the security flaw before it was discovered – which means chances are your account is safe, for now, however, logs show that approximately 9 million data queries that were made contained plain text passwords. Following this, Facebook has announced that it will be notifying all those affected and advise them to change their passwords.
This is really bad PR for the company, coming just days after they suffered the biggest outage that lasted up to 14 hours and affected a number of Facebook-owned services. Mark Zuckerberg recently gave a speech on how the social media giant is putting more focus on user privacy but all these happenings continue to cast a shadow of doubt on a narrative we did not truly believe anyway.
Since this is not the first time Facebook has exposed user data to unauthorized parties, it is really high time Facebook users stop reusing the same Facebook password on other platforms, actually, users should even avoid signing up for other services through Facebook. To be safe, change your Facebook and Instagram password and make sure it is as complex as it can be, if you need help, take advantage of password managers!