The notorious LulzSec hacking group has published login passwords for almost 26,000 users of an x-rated porn website.
The hackers compromised the database of the hardcore website (called "Pron"), exposing not only the email addresses and passwords of over 25,000 members but also the credentials of 55 administrators of other adult websites.
Furthermore, LulzSec drew particular attention to various government and military email addresses (.mil and .gov) that appeared to have accounts with the porn website.
That must be an embarrassing one to explain to the boss..
To add insult to injury, the LulzSec group called on its many recent Twitter followers to exploit the situation, by logging into Facebook with the email/password combinations and tell the victim's Facebook friends and family about their porn habit.
It should go without saying that logging into someone else's account without their permission is against the law in most countries around the world.
Fortunately, it's reported that Facebook's security team responded quickly to the threat - and reset the passwords for all of the accounts it had which matched the email addresses exposed. Of course, it's still possible that those email address/password combinations are being used on other websites.
If anything should be a reminder to internet users of the importance of using different passwords for different websites, this should be it.
The danger is that once one password has been compromised, it's only a matter of time before the fraudsters will be able to gain access to your other accounts and steal information for financial gain or, in this case, potential embarrassment.
If you believe there might be a chance that your username/password were exposed, or if you're simply in the habit of using the same password for multiple websites - now is the time to change your habits.
Here's a YouTube video showing you how to choose a hard-to-crack, unique password:
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)Follow @NakedSecurity