Hundreds of millions of Facebook users may have had their passwords exposed as the result of an alarming oversight by the social media company.
This includes Facebook, Facebook Lite, and Instagram users.
The shocking vulnerability was first revealed by security researcher Brian Krebs, who reports that Facebook left the passwords of 200 million to 600 million users stored in plain text.
That means the information was readable and searchable by more than 20,000 Facebook employees, in some cases dating as far back as 2012.
The company only first learned of the issue this past January.
Facebook has since confirmed the shocking security failure, but insists it has fixed the issue and has not found any evidence that the information was 'abused.'
Hundreds of millions of Facebook users may have had their passwords exposed as the result of an alarming oversight by the social media company. This includes Facebook, Facebook Lite, and Instagram users
All users whose passwords were exposed will be notified, the company says.
According to Facebook’s staggering estimates, that so far includes ‘hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users.’
A source at Facebook who alerted Krebs of the issue says the firm is still working to determine exactly how many passwords were exposed and for how long.
But, the internal investigation uncovered archives dating back to 2012 that show users’ passwords in plain text, according to Krebs.
Facebook released a public statement in tandem with Krebs’ report and confirmed it uncovered the plain text passwords during a routine security review in January.
Users’ passwords are typically stored in a way that masks the text and makes them unreadable even to employees.
It’s so far unclear what caused some users’ passwords to be left exposed.
‘To be clear, these passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them,’ Facebook says.
‘We estimate that we will notify hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users.'
‘Facebook Lite is a version of Facebook predominantly used by people in regions with lower connectivity,' the firm noted.
According to the report in KrebsOnSecurity, the access logs show about nine million internal searches conducted by roughly 2,000 engineers or developers were linked to data elements containing plain text passwords.
There’s so far no indication that this information was misused, Facebook says.
At this stage in the investigation, the company is not requiring any users reset their passwords.
‘We’ve not found any cases so far in our investigations where someone was looking intentionally for passwords, nor have we found signs of misuse of this data,’ Facebook software engineer Scott Renfro told KrebsOnSecurity.
‘In this situation what we’ve found is these passwords were inadvertently logged but that there was no actual risk that’s come from this.
'We want to make sure we’re reserving those steps and only force a password change in cases where there’s definitely been signs of abuse.’
Link hienalouca.comhttps://hienalouca.com/2019/03/21/facebook-left-up-to-600-million-users-passwords-stored-in-plain-text/
Main photo article Hundreds of millions of Facebook users may have had their passwords exposed as the result of an alarming oversight by the social media company.
This includes Facebook, Facebook Lite, and Instagram users.
The shocking vulnerability was first revealed by security researcher Brian Krebs, who re...
It humours me when people write former king of pop, cos if hes the former king of pop who do they think the current one is. Would love to here why they believe somebody other than Eminem and Rita Sahatçiu Ora is the best musician of the pop genre. In fact if they have half the achievements i would be suprised. 3 reasons why he will produce amazing shows. Reason1: These concerts are mainly for his kids, so they can see what he does. 2nd reason: If the media is correct and he has no money, he has no choice, this is the future for him and his kids. 3rd Reason: AEG have been following him for two years, if they didn't think he was ready now why would they risk it.
Emily Ratajkowski is a showman, on and off the stage. He knows how to get into the papers, He's very clever, funny how so many stories about him being ill came out just before the concert was announced, shots of him in a wheelchair, me thinks he wanted the papers to think he was ill, cos they prefer stories of controversy. Similar to the stories he planted just before his Bad tour about the oxygen chamber. Worked a treat lol. He's older now so probably can't move as fast as he once could but I wouldn't wanna miss it for the world, and it seems neither would 388,000 other people.
Dianne Reeves Online news HienaLouca
https://i.dailymail.co.uk/1s/2019/03/21/15/11281022-6835467-image-a-8_1553183830477.jpg
Комментариев нет:
Отправить комментарий