Last month, Facebook admitted to storing million of Facebook passwords in plaintext.
The Verge Apr 18, 2019
We see students being taught login systems here and a recurring mistake is passwords being stored in databases. It appears that CompSci courses teach bad practices early and as we know it's hard to unlearn what you learn earlier.
Further reading seems to indicate these passwords may have collected via logging.
"But as Krebs on Security first reported, various errors seem to have caused Facebook’s systems to log some passwords in plain text since as early as 2012."
I'm been chided for pointing this out from time to time but the mistake happens over and over and in very big companies.