LISTEN TO FACEBOOK FEED WITH BRANDON ELLIS
A Facebook blog post confirmed the site had access to millions of users’ passwords, causing controversy across the web. The news was first brought to the surface by online security journalist, Brian Krebs. In his report he claimed that "between 200 million and 600 million Facebook users" were affected; later clarifying that people at risk, “ had their account passwords stored in plain text and searchable by thousands of Facebook employees — in some cases going back to 2012.” Because Facebook left users' password data unencrypted, the actual text itself could have been searchable to what Krebs confirms as "more than 20,000 Facebook employees." Encrypted text is coded and hidden to the general public. Millions of these passwords were visible in plain tweet to thousands at Facebook. This incident is not only far-reaching, but it has occurred for years.
It’s one thing for a reporter to tackle this issue, but what did Facebook have to say about these allegations? A blog post written March 21st from Facebook themselves validates everything Krebs pointed out. In the post, VP of Engineering, Security, and Privacy, Pedro Canahuati had this to say:
“As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems. This caught our attention because our login systems are designed to mask passwords using techniques that make them unreadable. We have fixed these issues and as a precaution we will be notifying everyone whose passwords we have found were stored in this way.”
The post later went on to advise users how to secure/change their passwords. Should people feel threatened about their online security? Many publications believe so, with Fortune as a notable example giving a detailed list on how to change a Facebook password, in response to the news. From an interview that Krebs did with software engineer, Scott Renfro, the Facebook employee claimed that the site had “not found any cases so far in our investigations where someone was looking intentionally for passwords, nor have we found signs of misuse of this data.”
While numerous sources from Facebook have commented on this event, an article from CNBC points out, “Facebook's blog post did not say how many users were affected.” In the same article, they reported Facebook’s shares dropping less than 1 percent on the day of the incident. Since the issue was reported, Facebook stocks have once again risen. It is uncertain if the recent Facebook drama will cause any permanent damage for the social media site.
Will this break users’ trust of Facebook or will it be another scandal pushed under the rug? A breach in trust of this caliber can very well shake the foundation of this online titan.