Facebook stored millions of passwords in plaintext

25 Mar 2019 by Friedrich Ewald

Hundreds of millions of Facebook users had their account passwords stored in plain text and searchable by thousands of Facebook employees — in some cases going back to 2012, KrebsOnSecurity has learned. Facebook says an ongoing investigation has so far found no indication that employees have abused access to this data.

Facebook’s statement can be found here.

I am Friedrich Ewald, software engineer living in San Francisco, CA.