Facebook stored the passwords of "millions of Instagram users" in plain text when they should have been encrypted, the social media company acknowledged Thursday. Last month in a blog post, Facebook said the issue had potentially affected "tens of thousands" of users. Facebook, which owns Instagram, said their passwords were stored in an unencrypted database available to 20,000 Facebook employees. The company updated the blog post to admit the problem was more widespread than previously stated. Earlier Thursday, Facebook said it collected email contacts from 1.5 million users who signed up after May 2016 and "unintentionally uploaded" them to Facebook, importing the information "to improve Facebook's ad targeting." Facebook said it had no evidence the data was "internally abused or improperly accessed."
need to know now