@jextxadore yeah, that sounds… a bit sketchy.
@jussipekonen my kids saw the game and went meh. My wife doesn't play games. :P
Seriously, the black coins on World 4-1 were very difficult to get. Several places where timing jumps is key and there is little room for error. Thankfully, I only have to get all five coins once.
@feorlen The problem is passwords won't provide a fix for the authentication cookies that were leaked, particularly if the site in question doesn't expire them. (Hint, hint, @matigo). "Changing passwords" may not be enough to mitigate the risk of this disclosure.
Also, I can't imagine every one who ever used service X over the last several months had their information disclosed. While this event increases the risk above zero, it's not clear by how much so people can make an informed choice about what to do.
And, really, that's a problem with all these notifications. I know enough to make the assessment for myself, and I'm already doing a lot of the right things, so for me? The answer is: change maybe a handful of passwords, which is probably a good idea anyway.
For the average user, who has seen umpteen of these notifications, many of which are much more specific than this one? They're going to ignore it unless the specific site contacts them suggesting they change their password. And you know what? They're very likely going to be just fine doing so.
// @matigo @larand
@larand it is also the kind of thing I expect we'll see a check for in LastPass shortly, which will tell me which passwords I need to change. Given that I have nearly 400 sites in my LastPass, that seems like a much saner option…
// @matigo
@larand Maybe change your passwords. This also might be a situation where @matigo needs to create a "revoke all my app tokens" option as there's no way to invalidate these currently.
@larand a list of potentially affected sites [github.com] has shown up. Might be worth perusing it to see if there are any you feel strongly enough about security on that it's worth changing your password on.
// @matigo