It reiterated that pilgrims require a Haj visa and it can be obtained through recognised official channels
So far the inquiry has uncovered archives with plain text user passwords dating back to 2012, according to the report published this week by KrebsOnSecurity, a blog run by journalist Brian Krebs.
Facebook in a blog post on Thursday said that it had fixed the issue and will be notifying everyone whose passwords it found stored this way.
"It's perfectly possible that no passwords at all fell into the hands of any crooks as a result of this. But if any passwords did get into the wrong hands then you can expect them to be abused," said Paul Ducklin, Senior Technologist at global cybersecurity firm Sophos.
"Hashed passwords still need to be cracked before they can be used; plaintext passwords are the real deal without any further hacking or cracking needed," Ducklin added.
Facebook said it had found no evidence to date that anyone internally abused or improperly accessed the passwords.
"While the details of the incident are still emerging, this is likely an accidental programming error that led to the logging of plain text credentials. That said, this should never have happened and Facebook needs to ensure that no user credentials or data were compromised as a result of this error," said John Shier, Senior Security Advisor at Sophos.
"This is also another reminder for people who are still reusing passwords or using weak passwords to change their Facebook password to something strong and unique and to turn on two-factor authentication (2FA)," Shier said.
Turning on 2FA would mean that a password alone is not enough for crooks to raid your account, Ducklin added.
Facebook also asked people to change their passwords "out of an abundance of caution".
Earlier this month, Facebook came under scrutiny for using phone numbers provided for security reasons -- like two-factor authentication (2FA) -- for things like advertising and making users searchable by their phone numbers across its different platforms.
"Another security measure users can implement to strengthen their digital security postures is to use different passwords for different online accounts. Don't use your Facebook password for any other login, particularly for personal/professional email accounts or online banking," said Sanjay Katkar, Joint Managing Director and Chief Technology Officer, Quick Heal Technologies Limited.
"It is also a good practice to log out whenever not using Facebook, even on mobile devices," Katkar added.
It reiterated that pilgrims require a Haj visa and it can be obtained through recognised official channels
The 18-year-old was taken to hospital in a serious condition
The brothers, who say they are innocent, are accused of having formed an organised criminal network in early 2021 in Romania, as well as in the US and Britain
The left-handed batter scored 3369 runs in 136 one-day internationals and 2893 in 140 Twenty20 internationals — both Pakistan records
Food supplies were distributed to 80 households
On January 31, a heart was airlifted from Delhi to Chennai, paving the way for Ayesha Rashid's life-saving surgery
The online retailer, which is headquartered in Singapore, has said it has around 108 million monthly active users in the 27-nation EU
The baby girl named Rouh, meaning Soul, suffered respiratory problems and a weak immune system, a doctor at the Emirati Hospital in Rafah said