That revelation is tucked into a March 21 news release from Facebook, as TechCrunch notes.
"Since this post was published, we discovered additional logs of Instagram passwords being stored in a readable format," the update, dated April 18, states. "We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation has determined that these stored passwords were not internally abused or improperly accessed."
As previously announced, Facebook discovered that user passwords were being stored in a readable format within their internal data storage systems during a "routine security review" back in January. In their initial statement, the Facebook team said that the affected passwords were never made visible to anyone beyond Facebook. Additionally, no evidence of internal abuse or access was reported.
As a precaution, Facebook recommended that users change their passwords, either by selecting one on their own that's strong enough or by utilizing a password app. As with anything, multiple-factor authentication is also recommended.
Security has been a constant source of headache for Facebook users and the company itself, particularly in the age of widely shared news stories that are either entirely fabricated or otherwise misleading. It's also extremely difficult to write anything about Facebook without mentioning the fact that Twitter's Jack Dorsey very recently recounted a dining incident in which Facebook boss Mark Zuckerberg is said to have personally killed a goat before feeding said goat to him.