[Update 12/4/13 3:17 p.m. PST] A credible source has noted that Facebook has already forced users with matching passwords that were stolen into the password reset.
A report this week broke the news that hackers spared no one as they stole nearly 2 million passwords from Facebook, Google, Youtube, Twitter, Yahoo, LinkedIn, and other accounts.
According to Trustwave, the cybersecurity firm that caught the massive hack, malicious keylogging software had been secretly gathering log-in credentials since late October on an unknown number of computers worldwide and sending the data to a server controlled by the hackers. Trustwave tracked a server to the Netherlands on November 24th where they discovered log-in credentials for over 93,000 websites, most of the information from Facebook. Trustwave publicly posted their findings yesterday.
However, Trustwave warns that the hack could still be ongoing and that there may be several other similar servers yet to be discovered. How the keylogging software got on to personal computers is still a mystery.
According to CNNMoney, Facebook, LinkedIn, and Twitter have already notified and reset passwords for compromised accounts. Tech giant Google has declined to comment on the breach. In the meantime, John Miller, a security research manager for Trustwave, advises all of us to update our antivirus software. Update your software and change your passwords people, no one is safe from cyber terrorists.