Bad news for XKCD user forum members - all 562,000 of them - reports Sergiu Gatlan (writing for Bleeping Computer) in a blog post on September 3rd; as email addresses, user names IP addresses, and salted and hashed passwords in MD5 format for all users on the discussion site have been exposed.

"The compromised user information including usernames, emails, and IP addresses, as well as hashed and salted passwords stored in MD5 phpBB3 format, was added to Have I Been Pwned's database on September 1, after being provided by security researcher and data analyst Adam Davies." via Sergiu Gatlan reporting for Bleeping Computer