PSA: hacked, please update your passwords! was hacked, and it's username/password/email database compromised.

If you have created an account at (NOT and didn't use a unique password then you should update your password at all other sites (Brokenstones included) in order to make sure your account is protected!

Here is a full list of compromised usernames from
(I've removed the password hashes and emails for privacy)
password: brokenstones

After some testing, I can say that the passwords were hashed solely with MD5, and they were UNSALTED, which means that if the password was simple it can be easily looked up using a rainbow table, and then tried elsewhere anyplace you have an account with the same username or email. Even if you used a secure password, a matching md5 could be achieved through brute force which would allow access to your account and possibly any other sites which use md5 hashing without salts (which is terribly poor practice).

~60,000 passwords out of 96,000 have already been cracked (ie, resolved to plaintext) as of 2015-11-05 22:30 UTC