Facebook password security lapse probed by privacy regulator

Facebook password security lapse probed by privacy regulator

An investigation into a Facebook error that left hundreds of millions of user passwords exposed in an internal plain text file has been launched by the company’s main privacy regulator.

Last month, the social network admitted to the security lapse which meant company employees could have seen the passwords of users which are usually stored in an unreadable format.

The Data Protection Commission, the lead supervising authority for Facebook in the EU, confirmed it had been notified of the incident and has started an inquiry to determine whether the social network breached GDPR (General Data Protection Regulation) laws designed to protect people’s data.

“The Data Protection Commission was notified by Facebook that it had discovered that hundreds of millions of user passwords, relating to users of Facebook, Facebook Lite and Instagram, were stored by Facebook in plain text format in its internal servers,” the authority said in a statement.

“We have this week commenced a statutory inquiry in relation to this issue to determine whether Facebook has complied with its obligations under relevant provisions of the GDPR.”

The social network warned that the incident could have affected hundreds of millions of Facebook Lite users, a downscaled version of the app for people with older phones or slow internet connections, as well as millions of main Facebook and Instagram users.

Facebook fixed the flaw after uncovering it January.

(Dominic Lipinski/PA)
(Dominic Lipinski/PA)

Its own investigation found no evidence that anyone outside Facebook got hold of the passwords, or that were they abused by staff internally.

The development is the latest in a string of headaches for Facebook chief executive Mark Zuckerberg in recent years, including rampant misinformation spread on the network, breaches of user data and allegations of political manipulation.

In a sign of the growing pressure on the platform from governments to change its business practices, Facebook revealed in its latest quarterly results that it had put aside $3 billion (€2.7bn) to cover potential fines issued by the US Federal Trade Commission’s ongoing inquiry into the firm, related to the Cambridge Analytica data scandal.

A Facebook spokesman said: “We are working with the IDPC on their inquiry.

“There is no evidence that these internally stored passwords were abused or improperly accessed.”

- Press Association

More on this topic

Detained suspect asks for selfie with arresting officersDetained suspect asks for selfie with arresting officers

Probe into Facebook cryptocurrency ‘being considered by Westminster MPs’Probe into Facebook cryptocurrency ‘being considered by Westminster MPs’

Big Tech unlikely to find any cheer as its EU scourge Vestager prepares to step downBig Tech unlikely to find any cheer as its EU scourge Vestager prepares to step down

US Air Force warns against prank Facebook call to ‘storm Area 51’US Air Force warns against prank Facebook call to ‘storm Area 51’

More in this Section

Truck hits Dublin city centre railway bridge for the second time in four monthsTruck hits Dublin city centre railway bridge for the second time in four months

Homeless families in Dublin to get free Leap Cards for AugustHomeless families in Dublin to get free Leap Cards for August

Man due in court in connection with Louth graveyard incidentMan due in court in connection with Louth graveyard incident

OPW removes visitor books from sites amid GDPR fearsOPW removes visitor books from sites amid GDPR fears


Lifestyle

During my first pregnancy I developed a network of spider veins on my thighs. Even more appeared during my second pregnancy. What would you recommend?How do I deal with spider veins in pregnancy?

More From The Irish Examiner