Every turd knows you salt the password and hash it and never ever store anything other than the hash. The password should never even have been transmitted to Facebook, but that’s a whole other story.
These guys should be shut down.
Yes. At this point, storing non-hashed passwords should be a criminal offense. Period. The CEO and Chief Engineer of any firm doing it should get jail time for it. That will stop it. This isn't rocket science either, the protocols to make this kind of thing impossible are pretty well known.