Facebook Confirms Millions of Instagram Passwords Were Stored in Plain Text - MacRumors
Skip to Content

Facebook Confirms Millions of Instagram Passwords Were Stored in Plain Text

by

Back in March, Facebook announced that millions of Facebook passwords were stored on its servers in plain text with no encryption. At the time, Facebook also said that "tens of thousands" of Instagram passwords were also stored in the same unencrypted format, but as it turns out, the actual number was much, much higher.

In an update to its original blog post, Facebook now says that millions of Instagram passwords were stored on its servers in a readable format.

facebooksecurity

Update on April 18, 2019 at 7AM PT: Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format. We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed.

These unencrypted, plain text passwords were accessible to thousands of Facebook employees, and while Facebook says that there's no "evidence to date" that anyone within Facebook abused or improperly accessed the passwords, it's highly concerning.

Instagram user names, unlike Facebook usernames, can be highly appealing to thieves. Short names can sell for quite a lot of money, which makes Instagram passwords rather valuable.

Facebook was not forthcoming about the discovery of additional impacted Instagram accounts, burying it in a month-old blog post and, as Recode points out, releasing the update just before the Mueller report came out and media sites were distracted.

Facebook will be notifying Instagram users whose passwords were improperly stored, and Instagram users who are concerned about their accounts should change their passwords and make sure two-factor authentication is enabled.

Facebook's latest security leak comes just a day after news spread that Facebook harvested the email contacts of 1.5 million Facebook users without their consent and used the data to build a web of social connections.

Earlier this week, a scathing report also outlined how Facebook leveraged user data to punish its rivals and reward companies who paid heavily into Facebook advertising and shared data of their own.

Tag: Facebook

Popular Stories

iOS 26

iOS 26.4 Adds Two New Features to CarPlay

Tuesday March 24, 2026 1:55 pm PDT by
iOS 26.4 was released today, and it includes a couple of new features for CarPlay: an Ambient Music widget and support for voice-based chatbot apps. To update your iPhone 11 or newer to iOS 26.4, open the Settings app and tap on General → Software Update. CarPlay will automatically offer the new features so long as the iPhone connected to your vehicle is running iOS 26.4 or later....
Read Full Article27 comments
Apple Business hero

Apple Unveils 'Apple Business' All-in-One Platform

Tuesday March 24, 2026 8:53 am PDT by
Apple today announced Apple Business, a new all-in-one platform that unifies device management, productivity tools, and customer outreach features. The service is designed to be a consolidated replacement for several of Apple's existing business-focused offerings, including Apple Business Essentials, Apple Business Manager, and Apple Business Connect. It provides organizations with a single...
Read Full Article47 comments
AirPods Pro Firmware Feature

Apple Releases New Firmware for AirPods Pro 3, AirPods Pro 2 and AirPods 4

Tuesday March 24, 2026 12:31 pm PDT by
Apple today released new firmware for the AirPods Pro 2, AirPods Pro 3, and the AirPods 4. The firmware has a version number of 8B39, up from 8B34 on the AirPods Pro 3, 8B28 on the AirPods Pro 2, and 8B21 on the AirPods 4. There is no word on what's included in the firmware, but Apple has a support document with limited notes. Most updates are limited to bug fixes and performance...
Read Full Article88 comments

Top Rated Comments

Doctor Q Avatar
Doctor Q
91 months ago
I'm waiting for this one:

"We accidentally sold your personal data, including our records of where in your home you keep your valuables and what time you leave the house, to an association of professional thieves. We've now corrected our procedures and promise not to do this again, at least not very often."
Score: 32 Votes (Like | Disagree)
C
Cyberpower678
91 months ago
And people are still trusting and using Facebook, why again?
Score: 27 Votes (Like | Disagree)
ritmomundo Avatar
ritmomundo
91 months ago
It's sad this isn't shocking news anymore.
Score: 20 Votes (Like | Disagree)
bigboyz12000 Avatar
bigboyz12000
91 months ago
Every week/month we find out that either email or social media outlets are shockingly careless when it comes to the data of the user. At the most a multi-billion dollar entity gets hit with a fine that is like them handing out a $20. Maybe we should all stop using their services and see how they are affected? Nobody NEEDS FB.
Score: 15 Votes (Like | Disagree)
itsmilo Avatar
itsmilo
91 months ago
I am surprised the EU is staying so quiet about this whole mess.

Lobbying is a hell of a thing I guess
Score: 12 Votes (Like | Disagree)
A
apolloa
91 months ago
And I see people on here moan about Amazon’s apparent invasion on privacy, how they don’t dare ever own an Echo.. and then they go and use Facebook :rolleyes: Utter hypocrites!

Remember folks, Zuckerbeg would literally sell YOUR soul if he could get it, for cash...

The writing was on the wall about this years and years ago. Plenty of reports about Facebooks complete disgregard for security and privacy going back a way.
Score: 11 Votes (Like | Disagree)
Read All Comments