You may have read about a security breach at Gawker Media, the company behind several websites including Lifehacker.
The server files have been posted at various locations around the web, so I thought I’d take a look. Finding your own email address and decrypted password in a file obtained online is a sobering experience, I can tell you. Fortunately, it was not a password that I use elsewhere, so no damage done. It was, however, a ridiculously “soft” password (all digits, if you must know).
Of course, my thoughts soon turned to data analysis. A quick and dirty bash one-liner reveals the top 10 passwords…
cut -d " " -f 3 parsed_db.txt | \
awk '{count[$1]++}END{for(j in count) print j,""count[j]""}' | \
sort -nrk2 | head
123456 3057
password 1955
12345678 1119
lifehack 661
qwerty 418
abc123 333
111111 311
monkey 300
consumer 273
12345 253
OK, now I don’t feel quite so bad. At least my digits were mixed up a little…
Next, I exported my GMail address book and used R to match the email addresses in the file. I won’t bore you with the details. I found four of my contacts (one password still encrypted, three cracked) and notified them. Hopefully, they won’t think my uncharacteristic Twitter DMs are further evidence of a breach.
Take-home message: use strong passwords. Change them from time to time and don’t use the same one for multiple sites. It can happen to the best of us.
What You're Doing Is Rather Desperate 
I have been slowly changing my “soft” password over the last few months to something a little stronger, and I never keep it the same as my email address. Events like this make me glad that I took the time.
I owe you one Neil. Thanks to your sleuthing I changed my password the moment I got your DM.