Author: David

The Conservative movement.

If you were feeling good because you weren’t an Alberta conservative…. 18% and the best you can do is a minority.

Her approval rating, once as high as 40%, now sits at 18%. It’s the lowest Forum has ever measured for an Ontario Liberal premier since it began polling in 2001.
In fact, if a provincial election was held tomorrow, Patrick Brown’s Progressive Conservative Party would capture a minority government, according to the survey.

Passwords

Do you have an account on one of VerticalScope’s domains? You may want to change your passwords.
Another 45M username/passwords leaked from 1000 web forums.
This happened before LinkedIn was breached and before the TeamViewer hack/breach.
The story links to Leaked Source, which asks you to enter your email, usernames or other identifying data into the search field and checks whether it is in their database of cracks. If it is, that account has probably been compromised, depending on the type of encryption used in the site’s database.
Don’t use the same password on different sites, and try not to use the same username. Personally, I use Firefox’s browser password manager with the master password feature turned on and I have set Firefox to delete cookies when it shuts down. That way I only have to remember the master password and the rest are encrypted. Chrome and Explorer do not encrypt their remembered passwords, so anyone with access to the filesystem can see them.

Liberals, being Liberals

This article actually has two news items in it.
The first is that the Liberals were warned by PricewaterhouseCoopers that sole-source contracts are idiotic.
The second is:

The government says there is a looming capability gap when it comes to the CF-18s, which has caught observers and the opposition by surprise, since the previous Conservative government decided to spend hundreds of millions of dollars to keep the jets flying until at least 2025. The Commons defence committee was told last month it would cost about $400 million to overhaul the 77 CF-18s.

Which, to me, reads a lot like helicopters.

University of Calgary

The single largest vulnerability in any computer system is between the keyboard and the seat.
This is what happened:
Patient Zero gets an email along the lines of:
Dear Customer,
Courier was unable to deliver the parcel to you.
You can review complete details of your order in the find attached.
Yours faithfully,
Greg Marks,
Sr. Support Agent.

Which naturally has an attached zip file for you to open and examine this package you didn’t get.
Patient Zero tries to open the zip…except they haven’t upgraded WinZip or WinRar recently and it’s a spoofed name. It isn’t a zip file at all, it’s just named that.
The trojan is now on your system, and here it gets more complicated depending on the attackers, the variants of the virus, etc. Some will provide a point of entry for crackers to investigate the system/s; others will silently monitor the traffic for a while; the earlier variants will immediately start encrypting your system and any other network share attached to the system for which the user has write permissions. The later variants watch for backup processes to execute so that they can learn how to toast your backups too. (Which takes me on a separate rant on how using Windows/NFS shares for push backups without checking authentication is asking for trouble.)
So, PZ has toasted their system, toasted the company backups and toasted the company-wide network share; because s/he was the accountant, the Financial share is also toast. IT just ran basic backups to a Windows share instead of things like rsync over ssh to a root-only mount, and so the last three months of backups are also encrypted. Worst case scenario, the MIS system or production systems get done too.
What does the company do? You can’t ‘unencrypt’ it without the key. You get an email or a pop-up telling you to send $20k worth of bitcoins to the attackers.
How to stop this
Lesson one: NEVER OPEN EMAIL ATTACHMENTS FROM YOUR EMAIL PROGRAM.
Obviously, ignore attachments from anyone you don’t personally know; for anything else, save it on your system and scan it with your anti-virus before you open it. Usually you right click on the file and can select ‘Scan with xyz anti-virus’.
Lesson two: Turn off your darned shares. If you access ‘Calgary Office Share’ once per week, you don’t need a network share on your desktop to it. Learn how to mount it on demand. Hint: type \\machine\share in the URL bar in your file browser.
Lesson three: Companies need to start firing people over this instead of just the IT people who enabled it.
Lesson four: Start using the ‘Junk’ or ‘Spam’ tag on your email program. ‘Mark as Junk’ in Thunderbird. They are fairly advanced Bayesian filters that learn over time. But you have to teach them. If you don’t mark an email as Junk or Spam, it won’t learn and can’t identify subsequent spam. This must be a habit.
Lesson five: Never trust the company/internet provider anti-virus on the mail server, if it even has one.
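
To go with lesson one and the file that was only named like a zip, here is an added example (written for this page, not part of the original post) of a check to run on a saved attachment before opening it: it compares the name against the file's leading bytes and looks inside genuine archives. The signature table, the runnable-extension list, the function names and the sample data are all assumptions constructed for the example.

```python
import io
import zipfile
from pathlib import PurePath

# Well-known magic bytes and double-click-runnable extensions (short, illustrative tables).
MAGIC = {
    "zip": (b"PK\x03\x04", b"PK\x05\x06", b"PK\x07\x08"),
    "rar": (b"Rar!\x1a\x07",),
    "exe": (b"MZ",),
}
RUNNABLE = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".wsf", ".lnk"}

def sniff(data: bytes) -> str:
    """Return the format implied by the first bytes, or 'unknown'."""
    for kind, sigs in MAGIC.items():
        if data.startswith(sigs):
            return kind
    return "unknown"

def check_attachment(name: str, data: bytes) -> list[str]:
    """Return reasons not to open a saved attachment (empty list = none found)."""
    findings = []
    suffixes = [s.lower() for s in PurePath(name).suffixes]
    claimed = suffixes[-1].lstrip(".") if suffixes else ""
    actual = sniff(data)
    if "\u202e" in name:  # right-to-left override reverses the displayed name
        findings.append("name contains a right-to-left override character")
    if len(suffixes) > 1 and suffixes[-1] in RUNNABLE:
        findings.append(f"double extension ends in runnable type {suffixes[-1]}")
    if claimed in MAGIC and actual != claimed:
        findings.append(f"named .{claimed} but content is {actual}")
    elif actual == "exe" and claimed != "exe":
        findings.append(f"executable content behind a .{claimed} name")
    if actual == "zip":  # a genuine archive can still carry a script or binary
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for member in zf.namelist():
                    if PurePath(member).suffix.lower() in RUNNABLE:
                        findings.append(f"archive contains runnable file {member}")
        except zipfile.BadZipFile:
            findings.append("zip signature present but archive is unreadable")
    return findings

# Constructed samples: an MZ-headed blob, and a helper that builds a real zip.
FAKE_ZIP = b"MZ\x90\x00" + b"\x00" * 60
def make_zip(member: str) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, "constructed placeholder content")
    return buf.getvalue()
```

An empty result only means none of these particular checks fired; the anti-virus scan from lesson one still applies.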
