Facebook says its employees had access to millions of Instagram passwords

Key Points
  • Facebook says millions of Instagram passwords were exposed in an internal database that was searchable by employees.
  • The exposure is part of the same one that affected up to 600 million Facebook user passwords.
  • Facebook originally said the exposure affected thousands of Instagram passwords.
Facebook CEO Mark Zuckerberg (C) leaves the office of Sen. Dianne Feinstein (D-CA) after meeting on Capitol Hill on April 9, 2018 in Washington, DC.
Getty Images

Facebook on Thursday said millions of Instagram user passwords were exposed to employees in a searchable format in an internal database.

The announcement came in an update to a blog post that was published last month after the company disclosed millions of Facebook user passwords were exposed to employees. The blog post originally said thousands of Instagram passwords were exposed. Cybersecurity journalist Brian Krebs reported in March that up to 600 million Facebook passwords were exposed.

Facebook said in the blog post it would be notifying the millions more Instagram users whose passwords were exposed. The company also said its internal investigation determined that the passwords were not "abused or improperly accessed." However, thousands of Facebook employees would have had access to the passwords, and Facebook hasn't provided an update to its investigation since it was originally reported in March.

Facebook's stock was down less than half a percent Thursday afternoon.

Facebook says it inadvertently uploaded 1.5 million users' email contacts without permission