About a month ago, word leaked that Facebook had failed to properly store the passwords of up to 600 million users, logging and storing them in unencrypted plain text.
At the time, the social platform said an additional “tens of thousands” of Instagram accounts were also affected. But as happens seemingly every time Facebook discloses bad news regarding data privacy, it’s time to revise the number higher.
While the world pored over the Mueller report Thursday morning, the company quietly revised the count on its original announcement from “tens of thousands” to “millions.”
A Facebook spokesperson couldn’t specify how many millions of Instagram accounts were affected but did clarify that it’s not in the hundreds or tens of millions.
“This is an issue that has already been widely reported, but we want to be clear that we simply learned there were more passwords stored in this way,” the spokesperson said in an emailed statement. “There is no evidence of abuse or misuse of these passwords.”
As with the first batch of passwords, Facebook said there’s no indication the new users ever had their data improperly accessed or abused.
Instagram users who were impacted will be notified their passwords were improperly stored.