Urgent security update
Bad news. A major vulnerability, known as “Heartbleed,” has been disclosed for the technology that powers encryption across the majority of the internet. That includes Tumblr.
We have no evidence of any breach and, like most networks, our team took immediate action to fix the issue.
I’m guessing most people have heard about this by now. This is an issue on the server-side so don’t change your password unless instructed by that site to do so. Changing it before they have patched the issue just leaves your new password equally vulnerable.