Facebook Staff Had Access To Millions Of Users’ Passwords—So You May Want To Change Yours Now

Yikes! Here's what you need to know.

If you haven’t changed your Facebook or Instagram password recently, you might want to do so now. In a blog post published yesterday, Facebook disclosed that it had stored hundreds of millions of users’ passwords in a readable and non-encrypted document on its internal servers. That means that any of Facebook’s 20,000 employees could have easily accessed them. (Just imagine the panic someone might be feeling right now if he or she has an ex who works at the tech company.)

Facebook was quick to point out that it has now fixed the issue and also claims in the statement that it “found no evidence to date that anyone internally abused or improperly accessed them.” Still, the company will be notifying people whose accounts may have been affected, including users of Facebook, Facebook Lite and Instagram.

The news of this security breach comes on the heels of CEO Mark Zuckerberg’s proclamation that the future of the  messaging and social networking platform is privacy-focused. However, that doesn’t seem to have quelled the increasingly frequent number of privacy scandals that keep occurring for Facebook.


Just in the last few months, Facebook has undergone major scrutiny for not allowing users who provided their phone number as part of a two-step authentication process to opt out of having the same phone numbers used by others to look up their accounts. It was also reported in December 2018 that the company gave fellow tech giants like Netflix, Microsoft, and Spotify access to user data.

Of course, the biggest privacy scandal to shake the company came just over a year ago when the New York Times and the Guardian revealed that British consulting firm Cambridge Analytica was able to access millions of Facebook user’s personal information for political purposes without permission.

Basically, changing your Facebook password now and frequently in the future is probably a good idea.