Millions of Instagram users had their passwords stored in unencrypted form on internal servers, Facebook said on Thursday, raising its original estimate of tens of thousands.
The social media giant said in late March that it had inadvertently stored passwords in plain text, making it possible for its thousands of employees to search them. It said the passwords were stored on internal company servers, where no outsiders could access them.
"We discovered additional logs of Instagram passwords being stored in a readable format. We now estimate that this issue impacted millions of Instagram users," Facebook said in a blog post.
"We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed," the social network said.
It had also said in March that the issue affected "hundreds of millions" of Facebook Lite users and millions of Facebook users. Facebook Lite is designed for people with older phones or slow internet connections.