Matt Mullenweg on today’s WordPress security breach:
Second, if you use AddThis, WPtouch, or W3 Total Cache and there’s a possibility you could have updated in the past day, make sure to visit your updates page and upgrade each to the latest version.
Passwords used on WordPress.org have been reset too. Be sure to update.
(I feel like nothing online is safe anymore and am damned glad that I have 1Password.)