HumbleBundle has been hacked. Change your password.

I got an e-mail saying someone from a strange location had accessed my account. After mentioning it on NeoGAF there are already about 20 others have said the same thing. You only get that e-mail AFTER they successfully log in with the correct password too so it seems like a ton, if not all, passwords and accounts have been leaked. No official word yet but too many people to be a coincidence.

Done, thanks for the heads up.

Appreciate it. Will do

Seems a bit suspect, but I'm not sure if the sample size is large enough to verify a large scale compromise of their data.

That being said, you should activate two-factor authentication on Humble Bundle if you've not already done so. It should help keep your account secure even if your password is compromised.

I don't keep my CC on there or anywhere but Amazon for this reason. I have some unredeemed keys, but I wouldn't miss them.

I'd be willing to bet that a lot of those are due to reused passwords that were picked up in other hacks (that's been the go-to for these things lately). That said, things like this are why I have a password manager. Password gets found, and the account's sporting a new one with a couple of clicks.

I got the same email a couple of days ago. I made my Humble account so long ago and I used a weak frequently used password of old. This was a good reminder that I've needed a stronger unique password for years now.

Well, whether it's a full blown hack or some remnants of old passwords being stolen, might as well stay on the safe side I suppose. Kudos for the heads up. My passwords consist of me slamming my keyboard against a wall and using the chaos as my new password, so I never memorize them so I never feel bad about changing them.

Never got that email, but I changed my password anyway. Thanks!

Thanks, just changed it and added two factor authentication to the account.

Easy enough to do anyway, so might as well. Also added two-factor, didn't realize that was an option, thanks for that @chaser324.

Don't keep my card on it but still, thanks for the heads up OP.

Thanks for the heads up, duder!

No email so I assume this was specific accounts only?

I enabled 2 factor authentication so I should be fine. Never hurts to update passwords.

I got that email the other day. Changed my password. I should probably do that two-factor authentication thing.

I tried to access my account and my password wouldn't work, but I doubt my account was hacked. Most likely the password got mixed up at some point (I used lastpass for awhile and recently migrated to KeePass. I vaguely remember lastpass trying to autochange passwords and failing on some accounts. Humble bundle could have been one of them).

I never got an email about a weird place trying to access my account until today... Which only happened because I moved 2 years ago and it's been awhile since I accessed my account. Either way I changed it and unlinked my steam account for good measure. I will continue to not use humble bundle.

Thanks for looking out for us. Got myself a new password.