“It’s good news for consumers that Facebook says none of the data was exploited by bad actors, but this is alarming, especially because many people tend to reuse the same password across different services,” says Bob Richter, who heads Consumer Reports’ privacy and security testing. If a password is stored in plain text, as was the case with Facebook, anyone who reads it could use it to gain access to your account. When passwords are hashed, an algorithm replaces the characters with a random series of letters and numbers, making it difficult for a human to read them. Standard security practices call for passwords to be “hashed” before they’re stored on corporate servers. But Facebook says it did not become aware of the issue until January. “Software bugs happen, especially at large institutions like Facebook with so many moving parts, but it’s surprising that an issue of this magnitude slipped through for as long as it did.”Īccording to reporting by Krebs on Security, a noted source of security news, employees have had access to some passwords since 2012. “This is far from the first privacy and security incident at Facebook within the last year,” says Justin Brookman, director of consumer privacy and technology policy at Consumer Reports. The new incident doesn’t pose much danger to consumer data, according to privacy experts, but it further erodes consumer trust in Facebook’s privacy and security practices. Facebook Lite is designed to work over slow data connections. That will include “hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users,” the post said. “We have fixed these issues and as a precaution we will be notifying everyone whose passwords we have found were stored in this way,” the post said. The problem was discovered in January, according to the blog post. The company says that it has no evidence that the passwords were stolen or misused and that they weren’t available to anyone outside the company. Facebook announced March 20 in a blog post that passwords belonging to “hundreds of millions” of users were stored unencrypted on the company’s servers, where they could have been accessed improperly by Facebook employees.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |