It looks like Facebook might have made visible to its staff millions of users' passwords, according to its Vice President for Engineering, Security and Privacy, Pedro Canahuati.
On March 21, 2019, Facebook published a blog post that revealed that some user passwords had not been properly masked and were stored in plain text, a readable format. This potentially exposed users' data to Facebook staff via an internal database.
Hundreds of millions of Facebook Lite users, tens of millions of Facebook users and tens of thousands of Instagram users should have received a notification to change their passwords immediately and enable multi-factor authentication.
Facebook said that there have been no incidents of the sensitive information being used or accessed improperly by Facebook staff.
"There is nothing more important to us than protecting people's information, and we will continue making improvements as part of our ongoing security efforts at Facebook," said Canahuati.
Better to be safe than sorry! To secure your password, Facebook provided the following tips:
- Change your password in your Facebook and Instagram settings. As much as possible, avoid reusing passwords across different services.
- Use strong passwords for all your accounts. You may want to use password manager apps to help come up with complex passwords.
- Consider enabling a security key or two-factor authentication to protect your Facebook account, using codes from a third party authentication app.
In the Philippines, there are around 1.2 million Facebook users.