Things never change. Well actually they do, just not much.
About five years ago I blogged about PerlMonks getting hacked. They had stored their passwords in plaintext, which basically meant everyone who used the site should have changed their passwords and fixed any situations where they had reused passwords. They probably should have abandoned PerlMonks as well (I know I haven’t been back since).
blogs.perl.org, a relatively recent blogging platform that was slated to replace use.perl.org (Thanks Sawyer!), just got hacked as well. Fortunately BPO's passwords were not stored in plaintext. They could have been stored better, though.
Just a couple months ago I blogged about how password hashing should be done. Check it out.