“Facebook is probing a series of security failures in which employees built applications that logged unencrypted password data for Facebook users and stored it in plain text on internal company servers,” Krebs reports. “That’s according to a senior Facebook employee who is familiar with the investigation and who spoke on condition of anonymity because they were not authorized to speak to the press.”
“The Facebook source said the investigation so far indicates between 200 million and 600 million Facebook users may have had their account passwords stored in plain text and searchable by more than 20,000 Facebook employees,” Krebs reports. “Facebook has posted a statement about this incident…”
Read more in the full article here.
MacDailyNews Take: In part of their statement, Facebook states:
While no passwords were exposed externally and we didn’t find any evidence of abuse to date, here are some steps you can take to keep your account secure:
• You can change your password in your settings on Facebook and Instagram. Avoid reusing passwords across different services.
• Pick strong and complex passwords for all your accounts. Password manager apps can help.
• Consider enabling a security key or two-factor authentication to protect your Facebook account using codes from a third party authentication app. When you log in with your password, we will ask for a security code or to tap your security key to verify that it is you.
Our advice? #DeleteFacebook.
