Five years ago I created a test Facebook account with a fake id, played with it for a day or so, and then registered an account with my real id. I have been using my real Facebook account on Chrome with the password stored inside the browser, so that when I go to Facebook it automatically logs into my (real) account. In the last couple of months I've tried using Safari instead. Last week, I accidentally opened facebook on Chrome, and was logged in not to my own account, but to that ancient fake account I haven't touched for five years, and had totally forgotten about. Moreover, today my wife received a spam message from that Facebook account.
I cannot understand how this is possible. The ancient Facebook account was presumably hacked. I am not sure what password I used at the time, but it was likely a short one, given that it was a test account (I use good passwords with 1password for all important accounts). But how could Chrome all of a sudden login automatically into that ancient account? Most importantly, is this a sign of a more serious security issue?
I would be grateful for any advice