The company owned by Mark Zuckerberg admitted to having stored passwords of millions of Instagram users.
The plaintext passwords for millions of Instagram users, along with millions of Facebook users, were accessible to some of the Facebook engineers, who according to the company, did not abuse it.
Although Facebook announced that the stored plaintext passwords “were not internally abused or improperly accessed”, the company admitted that it does not have precise numbers of affected passwords to share. Also, the company hasn’t revealed the reason for which the passwords were not stored encrypted and how many employees had access to the information.
Facebook mentioned that all the affected users would be notified. The info became public just a day after it was revealed that Facebook also had stored on its servers almost 1.5 million users’ contact information (email contacts), without their consent or knowledge, when they opened their accounts, since May 2016.
Facebook was also asked, along with Google and Twitter, to ensure its social media platform is not abused for political purposes or to spread misinformation during European elections.