SAN FRANCISCO (CBSDFW.COM/AP) — Facebook stored millions of user passwords in plain text for years, the social media company confirmed on Thursday after a security researcher posted about the issue online.

Facebook says they have fixed the issue and will be notifying everyone whose passwords were stored improperly stored on internal company servers.

READ MORE: Cook Children's Medical Center Relaxing Visitation Policy, Allowing 2nd Primary Caregivers Inside

Facebook vice president Pedro Canahuati issued a statement that said, in part —

“To be clear, these passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them. We estimate that we will notify hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users.”

READ MORE: 'No Business Wearing This Uniform,' Dallas Police Officer Bryan Riser Arrested, Charged With 2 Counts Capital Murder

The incident reveals a huge oversight for the company amid a slew of bruises and stumbles in the last couple of years.

The security blog KrebsOnSecurity says some 600 million Facebook users may have had their passwords stored in plain text. Facebook said in a blog post Thursday it will likely notify “hundreds of millions” of Facebook Lite users, millions of Facebook users and tens of thousands of Instagram users.

MORE NEWS: Gardening 101: The Benefits Of Buying Bare Root Plants

(© Copyright 2019 CBS Broadcasting Inc. All Rights Reserved. The Associated Press contributed to this report.)