Facebook Confirms Millions of Instagram Passwords Were Stored in Plain Text - MacRumorsOpen MenuShow RoundupsShow Forums menuVisit ForumsOpen Sidebar
Skip to Content

Facebook Confirms Millions of Instagram Passwords Were Stored in Plain Text

by

Back in March, Facebook announced that millions of Facebook passwords were stored on its servers in plain text with no encryption. At the time, Facebook also said that "tens of thousands" of Instagram passwords were also stored in the same unencrypted format, but as it turns out, the actual number was much, much higher.

In an update to its original blog post, Facebook now says that millions of Instagram passwords were stored on its servers in a readable format.

facebooksecurity

Update on April 18, 2019 at 7AM PT: Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format. We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed.

These unencrypted, plain text passwords were accessible to thousands of Facebook employees, and while Facebook says that there's no "evidence to date" that anyone within Facebook abused or improperly accessed the passwords, it's highly concerning.

Instagram user names, unlike Facebook usernames, can be highly appealing to thieves. Short names can sell for quite a lot of money, which makes Instagram passwords rather valuable.

Facebook was not forthcoming about the discovery of additional impacted Instagram accounts, burying it in a month-old blog post and, as Recode points out, releasing the update just before the Mueller report came out and media sites were distracted.

Facebook will be notifying Instagram users whose passwords were improperly stored, and Instagram users who are concerned about their accounts should change their passwords and make sure two-factor authentication is enabled.

Facebook's latest security leak comes just a day after news spread that Facebook harvested the email contacts of 1.5 million Facebook users without their consent and used the data to build a web of social connections.

Earlier this week, a scathing report also outlined how Facebook leveraged user data to punish its rivals and reward companies who paid heavily into Facebook advertising and shared data of their own.

Tag: Facebook

Popular Stories

Facebook Feature

Meta Quietly Launches 'Forum,' a Standalone Facebook Groups App

Friday May 22, 2026 5:01 am PDT by
Meta today launched a new standalone app called "Forum" that brings Facebook Groups into a dedicated feed separate from the main Facebook experience. The app was spotted by Matt Navarra without any formal announcement from the company. Its App Store listing describes Forum as "a dedicated space for the conversations that matter most to you," built for the groups users already belong to and...
Read Full Article48 comments
Facebook Feature

Meta Wants You to Pay for Instagram, Facebook, and WhatsApp Now

Wednesday May 27, 2026 12:53 pm PDT by
Meta is rolling out paid Instagram Plus, Facebook Plus, and WhatsApp Plus plans worldwide as of today. Instagram Plus is priced at $3.99 per month, Facebook Plus is priced at $3.99 per month, and WhatsApp Plus is priced at $2.99 per month. According to TechCrunch, the paid plans provide features like profile customization, super reactions, and story insights. Instagram Plus lets users see ...
Read Full Article248 comments
macOS 27 on MacBook Pro

Apple Says macOS 27 Won't Be Compatible With These Macs

Wednesday June 3, 2026 8:29 am PDT by
During WWDC 2025, Apple revealed that macOS 26 Tahoe would be the final major macOS version for Intel-based Macs. macOS 27 will be compatible with Apple silicon Macs only, meaning that you will need a Mac with an M-series chip or a MacBook Neo with an A18 Pro chip in order to install the software update. Apple will unveil macOS 27 during its WWDC 2026 keynote this Monday, June 8, and the...
Read Full Article90 comments

Top Rated Comments

Doctor Q Avatar
Doctor Q
93 months ago
I'm waiting for this one:

"We accidentally sold your personal data, including our records of where in your home you keep your valuables and what time you leave the house, to an association of professional thieves. We've now corrected our procedures and promise not to do this again, at least not very often."
Score: 32 Votes (Like | Disagree)
C
Cyberpower678
93 months ago
And people are still trusting and using Facebook, why again?
Score: 27 Votes (Like | Disagree)
ritmomundo Avatar
ritmomundo
93 months ago
It's sad this isn't shocking news anymore.
Score: 20 Votes (Like | Disagree)
bigboyz12000 Avatar
bigboyz12000
93 months ago
Every week/month we find out that either email or social media outlets are shockingly careless when it comes to the data of the user. At the most a multi-billion dollar entity gets hit with a fine that is like them handing out a $20. Maybe we should all stop using their services and see how they are affected? Nobody NEEDS FB.
Score: 15 Votes (Like | Disagree)
itsmilo Avatar
itsmilo
93 months ago
I am surprised the EU is staying so quiet about this whole mess.

Lobbying is a hell of a thing I guess
Score: 12 Votes (Like | Disagree)
A
apolloa
93 months ago
And I see people on here moan about Amazon’s apparent invasion on privacy, how they don’t dare ever own an Echo.. and then they go and use Facebook :rolleyes: Utter hypocrites!

Remember folks, Zuckerbeg would literally sell YOUR soul if he could get it, for cash...

The writing was on the wall about this years and years ago. Plenty of reports about Facebooks complete disgregard for security and privacy going back a way.
Score: 11 Votes (Like | Disagree)
Read All Comments