Last month, Facebook revealed that it had been storing "some" user passwords in plain text in its internal data storage systems, including tens of thousands of Instagram user passwords. Now Facebook has admitted that things were actually much worse.
In an update to its original announcement, Facebook has now confirmed that millions of Instagram user passwords were being stored in plain text in its internal data storage systems. Facebook says that it investigated the situation and determined that the passwords were not internally abused or improperly accessed. It will notify the affected users.
Obviously "tens of thousands" is quite a bit different than "millions", and so this latest Facebook security issue is quite a bit worse than the company originally suggested it was. It is good to hear that these passwords weren't internally abused or improperly accessed, but it's still unsettling to learn that many, many more Instagram passwords were stored improperly. If Facebook tells you that your Instagram password was one of the millions that were stored in plain text, be sure to change your password right away.