Facebook FB stored "hundreds of millions" of account passwords without encryption and viewable as plain text to tens of thousands of company employees, according to a report Thursday by cybersecurity journalist Brian Krebs.
Facebook confirmed the report in a blog post .
The incident could have affected as many as 600 million users, a significant portion of Facebook's user base of 2.7 billion people.
"As part of a routine security review in January, we found that some user passwords were being stored in a readable format
within our internal data storage systems. This caught our
attention because our login systems are designed to mask passwords using techniques that make them unreadable.
We have fixed these issues and as a precaution we will be
notifying everyone whose passwords we have found were
stored in this way," Facebook said in a statement Thursday.
The incidents dates back to as early as 2012,
according to the report.
The company released a statement Thursday saying it
would be notifying those affected in the near future.
And We're Supposed to Believe They Were Honest
When Testifying Under Oath To Congress?