According to cyber forensics course experts from the International Institute of Cyber Security (IICS), a security error in Facebook affected more users of Instagram than the social network had mentioned in the beginning.
The social network updated a post on its blog
(originally published last March 21) mentioning that, by mistake, it had been
stored without any encryption passwords of hundreds of millions of users,
adding that millions of accounts of the social network Instagram were also
compromised.
According to the cyber forensics course
specialists, in its original post Facebook stated that the passwords of “millions
of Facebook users and some thousands of Instagram account holders” had been
stored without encryption; the information was leaked due to the terrible
security measures established by Facebook.
The announcement of the social network emerged
on the same day as the U.S. Attorney General’s press conference, William Barr,
regarding the publishing of the Robert Mueller’s special report on the alleged Russian
intervention in the U.S. elections in 2016. Representatives of Fight for the
future, NGO dedicated to the privacy rights defense, consider that with this
Facebook tries to mitigate the media impact of this incident.
For companies
that handle personal data belonging to their users/customers, storing their
passwords with encryption is a standardized security practice because, even in
case of a data breach, attackers cannot read or use the stolen passwords. In
the case of Facebook, the company did not implement encryption to the millions
of leaked passwords, so they could be used easily, mention the cyber forensics
course specialists.
On the other hand, spokesmen for the social
network insist that there is no evidence that the compromised passwords have
been used by threat actors.
In the Robert Mueller’s report, published last
Thursday, Facebook is mentioned over 80 times in relation to possible efforts
to affect the results of the U.S. presidential election. A section of the
report states that the Internet Research Agency, a group linked to the Russian
government, paid around $100k USD to Facebook in exchange for about 3500 online
ads.
