A Cross-Site Request Forgery was found in Mt.Gox, (as of Sunday) the most popular Bitcoin exchange, which caused the current trading of Bitcoin from a $17USD high down to just pennies.
The extent of the compromise became clear when a copy of Mt.Gox’s user database began circulating online. The file included username, email addres, and hashed password for thousands of Mt.Gox users. Karpeles’s statement was updated to acknowledge the breach. He warned users who have re-used the Mt.Gox passwords on other sites to change them.