Due to a security oversight made by some Facebook employees, certain Facebook apps have been inadvertently logging user passwords as plain text on internal company servers. While still secured against outside intrusion, between 200 and 600 million user passwords were visible and searchable by about 20,000 employees at Facebook.
https://www.notebookcheck.net/In-plain-site-Hundreds-of-millions-of-Facebook-user-passwords-were-stored-in-plain-text.414878.0.html
Remember when Facebook wanted people to send them nude pictures so they can "make sure it doesn't leak" to unwanted third parties?
They are stupid, or evil. But its nothing new from them.