Last month, Facebook admitted the passwords of “tens of thousands” of Instagram users might have been exposed to its own employees.
Upon further review, however, the company has determined the breach might have impacted “millions” of Instagram users.
“We discovered additional logs of Instagram passwords being stored in a readable format,” Pedro Canahuati, vice president, engineering at Facebook, said in an update to an existing blog post. “We now estimate that this issue impacted millions of Instagram users.”
That’s in addition to the hundreds of millions of Facebook users potentially impacted by the security snafu.
Facebook has not said how many of its more than 25,000 employees had access to users’ passwords, and thus, their posted private or personal information.
So far, there is no evidence to suggest the stored passwords were not internally abused or improperly accessed, according to Canahuati.
Facebook first learned about the glitch -- which led to user passwords being stored in a readable format within its internal data storage systems -- in January.
Facebook’s login systems are designed to mask passwords using techniques that make them unreadable.
Canahuati said his team has fixed the issue, which led to users’ passwords not being properly protected.
Facebook has been plagued by security breaches over the past year. This week, the company is on the defensive for reportedly obtaining and uploading email contacts of 1.5 million unsuspecting users.