The company claims that the error has mostly affected Facebook Lite, and no misuse has been made
A new day, and a new Facebook scandal. On Thursday, the company admitted to making a huge mistake, storing for years “hundreds of millions” of unencrypted users’ passwords on its internal servers. And according to security expert Brian Kreps , who revealed the case, says that nearly 20,000 Facebook employees had access to passwords. The company ensures that no malicious use has been made. The people concerned will be notified by email, and they will be advised to change their password.
According to Facebook, this blunder mainly concerned users accessing the Facebook Lite portal, a lighter version for the regions of the world with a slower Internet connection. According to company estimates, the number of users affected is “several hundred million” for Facebook Lite, “tens of millions” for Facebook and “tens of thousands” for Instagram.
The problem “settled”
Facebook explains that passwords are normally passed in a mathematical mill, which stores this crucial information in encrypted form (“encrypted” in French). For example, the password Eat + Des + P0mmes becomes 1C0A8D99F3BCE32A477AAB1E8003CA59497FBFDB0EFCFB56CDFDD865140B4B19 . If hackers manage to steal it, it takes them much longer to recover the original password because the operation can not be reversed – hackers can simply try to apply the math function on common passwords and compare the result.
Facebook does not explain the origin of its blunder, but assures that the problem has been solved. It remains to be seen whether this new failure infringes the European Data Regulation ( GDPR ). In which case, an investigation could be launched against Facebook. One more, after the scandal Cambridge Analytica and the partnership of sharing personal information revealed late 2018 . But it’s sworn, Facebook will thoroughly review its servicesand rebuild around privacy. It will obviously have to start from scratch.