The social media giant confirmed the new information in its updated blog post, first published on March 21.
“We discovered additional logs of Instagram passwords being stored in a readable format,” the company said. “We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed.”
The social media giant did not say how many millions were affected, however.
Last month, Facebook admitted it had inadvertently stored “hundreds of millions” of user account passwords in plaintext for years, said to have dated as far back as 2012. The company said the unencrypted passwords were stored in logs accessible to some 2,000 engineers and developers. The data was not leaked outside of the company, however. Facebook still explained how the bug occurred
Facebook posted the update at 10am ET — an hour before the Special Counsel’s report into Russian election interference was published.
We asked the company when it learned of the new scale of the password leak and will update if we hear back.