"Facebook admits it stored 'hundreds of millions' of account passwords in plaintext" - says the article on Techcrunch. But how could be this possib...
For further actions, you may consider blocking this person and/or reporting abuse
According to the discussion on HN they were logging the full auth request, password included
Some rumors also state that these data were "queryable" by many Facebook employees. This sounds literally absurd.
Yeah, it was "queryable" because the data leaked in the logs and usually logs are accessible through some centralized tool like Splunk probably.
And I bet there's no way to know if any of those employees accessed any of the users accounts using those passwords :(
I hope there will be a day when the US government will advance regulation for tech companies to really protect user's privacy but I'm not optimistic hehe
Almost no one does masking or protecting of their log files data (but they should). Another thing no one does is escape their logging data. So it’s very easy to say pass Linux commands to a website via a form that you know are going to be logged, and by logging that data the server can inadvertently trigger executable remote code...which pretty much means they are pwned.