Last month, news broke that Facebook employees had access to up to 600 million user passwords, which had been stored in plain text. Today, the company revealed that millions of Instagram passwords were also stored in a readable format. An internal investigation determined the stored passwords were not internally abused or improperly accessed, but this adds to the growing list of privacy issues the company seems to be racking up.
Facebook shared the news as an update to a month-old blog post, which could be seen as a suspicious move to attract less attention. But a company spokesperson said Facebook simply learned that more Instagram passwords than originally suspected were exposed. Facebook had estimated it would have to notify tens of thousands of Instagram users, but it has since learned that millions were impacted.
This update comes less than 24 hours after we found out that Facebook also unintentionally saved email contact lists of up to 1.5 million new users. The company previously said it would reach out to the millions of Facebook users whose passwords were stored in plain text. Now, it will have to contact users whose email lists were snagged and millions of Instagram users, as well.
You can read Facebook’s statement below:
“This is an issue that has already been widely reported, but we want to be clear that we simply learned there were more passwords stored in this way. There is no evidence of abuse or misuse of these passwords.”