According to Krebs on Security acknowledged, confirmed by Facebook in a blog post, it is revealed that Facebook stored passwords of millions of users in unencrypted, plain text. This oversight exposed the critical information to as many as 20,000 company employees who had internal access to the files for many years.
It is estimated that around 200 million and 600 million Facebook users could be affected. Facebook now confirms that it has identified the problem as part of a security review and the issued is fixed. The company also says it will notify everyone affected.
Facebook also says it has no information about the leakage of this sensitive information outside the company. The data was also not abused, misused internally.
This is the new episode of bad security issues for Facebook. Last year there was a report of Two-factor authentication on accounts is misused by Facebook and Facebook asked its users; If you got logged out of FB, you need to worry right away because your account may have been compromised