It has came to the attention of the community that a list of approximately 1,000 Minecraft accounts and their passwords were made available on the internet.
It is believed that this list was obtained either through the use of hacked clients, that users unknowingly installed client modifications that rather than changing game functonality, instead stole their username and passwords, or through websites made to look like the official Minecraft site.
This is a good opportunity to remind everyone to only use Minecraft client mods that are verified by the community. While this incident shows us the malicious opportunity modders have, please remember that the majority of the mods in the community were not made with such intent, and are not malicious in nature.
You can check if your username is on the leaked list here: http://dinnerbone.com/minecraft.php
If your username IS on the list, change your password IMMEDIATELY and you are urged to message the Bukkit developer Dinnerbone on the Bukkit forums a list of 3rd party mods you are using, so that the mod stealing information can be tracked down.