C-Suite On Deck
Keep me plugged in with the best
Join thousands of your peers and receive our weekly newsletter with the latest news, industry events, customer insights, and market intelligence.
I agree to the
terms of service
PLEASE CORRECT THE FOLLOWING:
Please Enter Some Keywords
Facebook Password Breach: What You Need to Know
Yesterday Facebook disclosed during a routine security review they discovered “some” user passwords were being stored unencrypted, but the passwords were not visible to anyone outside of Facebook. Facebook’s definition of “some” doesn’t really illustrate the full magnitude of this event. We are talking hundreds of millions of users that are affected. False Reassurance. Facebook released an official statement declaring, “To be clear, these passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them.” Assuming they follow a Secure Systems Development Lifecycle (SSDLC), this should be core protection built into the system and verified. That there is no evidence anyone external to Facebook had access to the un-encrypted passwords is not reassuring. Was this a flaw or accepted risk? More questions than answers. So, what went wrong and how could plain-text credentials go undetected since 2012? As a Facebook user, I wonder why an internal employee would need access to my un-encrypted password. Ultimately, it’s still up to the consumer to govern data shared with services like these. At no time should the passwords ever have been left in clear text.
I'm for real
Enter your email once to access all our information and resources.
(Your email address is required so we know you're a real person)
By downloading this content, you give permission for your contact information to be shared with the content provider who may contact you in regards to the content.