Ah. The article has since been updated to point out that it’s not plaintext, but encrypted at rest (which would be expected). OK.