Back in late March, Facebook came under fire for storing its users’ passwords in a readable format — exposing around 600 million passwords to its employees. As if that wasn’t bad enough, Facebook’s now quietly announced that something similar also happened to Instagram accounts.
Added as a text update to an article on the Facebook Newsroom published four weeks ago, Facebook says the following:
Update on April 18, 2019 at 7AM PT: Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format. We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed
Yep. It happened again.
While Facebook reassures that the passwords weren’t compromised or abused, it’s remarkable the company didn’t catch this sooner following the SNAFU that occurred last month. Even more damning is the fact that this news was quietly released as a discrete update in an existing press release.
Try as it might to regain people’s trust, it’s hard imagining Facebook making any progress on that front when stuff like this regularly happens.