Millions more Instagram users were affected by a password security lapse than parent company Facebook acknowledged nearly four weeks ago.
The social media giant said in late March that it had inadvertently stored passwords in plain text, making it possible for its thousands of employees to search them. It said the passwords were stored on internal company servers, where no outsiders could access them.
Facebook said in a blog post Thursday that it now estimates that “millions” of Instagram users were affected by the lapse, instead of the “tens of thousands” it had originally reported. It had also said in March that the issue affected “hundreds of millions” of Facebook Lite users and millions of Facebook users. Facebook Lite is designed for people with older phones or slow internet connections.
The security shortcoming was revealed on the heels of a series of controversies centered on whether Facebook properly safeguards the privacy and data of its users.
The basic data defense mistake would also appear contrary to the “Hacker Way” mantra that Facebook co-founder Mark Zuckerberg has espoused at the social network.