Social media giant, Facebook has said that a March security incident which exposed Instagram users passwords is worse than it was first thought.
During the March security incident, Facebook said that "tens of thousands" of Instagram users passwords were roughly stored in plain text. However, Facebook on Thursday has now come out to say that the issue is now estimated to have affected "millions" of Instagram users.
"We now estimate that the issue impacted millions of Instagram users," Facebook said in a quietly updated blog post from last month which it revealed that it had stored hundreds of millions of unencrypted Facebook passwords on its server.
Normally, Facebook and Instagram passwords are masked on he company's internal servers so that no one, including Facebook's employees will be able to see it. However, the March security revealed that the exposed passwords were stored in logs which were accessible by internal developers and engineers.
Despite this, Facebook insists that there isn't any evidence that those passwords were improperly accessed or misused.
"Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format," Facebook's vice president of engineering, security and privacy, Pedro Canahuati said. "We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed."
Though the company didn't mention how many millions of Instagram users that were affected, it however received tongue lash for timing the update to coincide with the release of the Mueller report on Trump and Russian election interference.
"This is an issue that has already been widely reported, but we want to be clear that we simply learned there were more passwords stored in this way. There is no evidence of abuse or misuse of these passwords," a Facebook spokeperson said.