Photo by Alex Haney on Unsplash

According to a routine security review, it was discovered that between 200 and 600 million user passwords going as far back as 2012 may have been stored in plaintext, accessible by more than 20,000 Facebook employees. An ongoing internal investigation is being conducted by Facebook to get to the bottom of this but it is noted in an interview by KrebsonSecurity with Facebook software engineer Scott Renfro that there is no evidence that the passwords were misused.

While all the details are not public, Facebook plans on alerting all affected Facebook users and have written a statement about the situation.