The good folks over at Library Thing sent out this notice yesterday:
During a security review, we found that LibraryThing suffered a data breach in June 2011. While no book data or financial information was taken, lost or changed, the hackers did take email addresses and encrypted password hashes for some accounts created prior to that date.
People like me who were members at the time of the breach were advised to change our passwords, which I did (and if this affects you, you should receive an e-mail with the password reset link. If you haven't received it, you might check your account.) LT is also doing something quite classy in response to the breach:
The entire LibraryThing team and I deeply regret and apologize that this happened on our watch. Since 2011, we have significantly improved our security measures, which have been further tightened across the board since we discovered this breach. As a further apology, we are upgrading you and all LibraryThing members who joined prior to June 19th, 2011 to full lifetime accounts.
To read more details about the breach, see this post on the Library Thing blog.