“We discovered additional logs of Instagram passwords being stored in a readable format,” the company said in the updated blog post. “We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed.” While Facebook has confirmed plans to notify those affected by the issue, it has not clarified how the number of affected users was determined and has also not shared how many millions of users were affected.
The update comes after Facebook admitted last month that it had inadvertently stored “hundreds of millions” of user account passwords in plaintext for years. It said that the record dated as far back as 2012. The social media giant also confirmed that the encrypted passwords were stored in logs accessible to nearly 2,000 engineers and developers. The data was, however, not leaked outside of the company and Facebook has not explained how the big occurred in the first place.
Watch: Xiaomi Redmi Note 7 Pro First Look
TechCrunch reports that Facebook does not have “a precise number” to share just yet and is also not sharing the exact timeline for additional discovery, being announced now. Facebook first admitted to storing “hundreds of millions’ of account passwords in plaintext after it was first reported by cyber-security reporter Brian Krebs. Facebook added that it first discovered user passwords being stored in plaintext in January as part of a routine security review.