[jrochkind1]

Wait, how the heck did "At the Pool" get plaintext fb passwords?

[sucrose]

Well, the 2nd paragraph explains that: "The passwords are presumably for the “At the Pool” app rather than for the user’s Facebook account, but would put users at risk who have reused the same password across accounts."

[ChrisCinelli]

They did not. I think those are their own passwords if the user used directly the app without FB login

[seandougall]

Not to discount the possibility that the article could be incorrect about this, but it makes the claim quite unambiguously: "it contains plaintext (i.e. unprotected) Facebook passwords for 22,000 users"

[traek]

They have updated the article to say

> it contains plaintext (i.e. unprotected) passwords for 22,000 users

and

> The passwords are presumably for the “At the Pool” app rather than for the user’s Facebook account, but would put users at risk who have reused the same password across accounts.

[jrochkind1]

Thanks for clearing that up, didn't say that when I read it, indeed, it originally said "Facebook passwords".