If you haven’t changed your Facebook password recently, you’ll want to. Hundreds of millions of Facebook users had their account passwords stored in plain text and searchable by thousands of Facebook employees—in some cases going back to 2012. Facebook says an ongoing investigation has so far found no indication that employees have abused access to this data.
Facebook is probing a series of security failures in which employees built applications that logged unencrypted password data for Facebook users and stored it in plain text on internal company servers. That’s according to a senior Facebook employee who is familiar with the investigation and who spoke on condition of anonymity because they were not authorized to speak to the press.
Read more here.