Instagram has fixed a security bug that might have exposed some of its users’ passwords in plain text. The security bug resides in a newly offered feature called “Download Your Data” that allows users to download a copy of their data shared on the social media platform. The feature asks users to reconfirm their password before downloading the data. The plaintext passwords for some users who had used the feature were included in the URL and also stored on Facebook’s servers. Affected users are highly recommended to change their passwords and clear their browser history.
Source: https://thehackernews.com/2018/11/instagram-password-hack.html