Tumblr recently learned that a third party had obtained access to a set of Tumblr user email credentials from early 2013. Users affected may have received a notification from Tumblr. They recommend affected Tumblr users to set a new password.
As a rule of thumb, never reuse passwords for any accounts. Attackers are aware of the potential for password reuse, and will try to leverage these username and password combinations to authenticate to a victim’s accounts.
The notice from Tumblr can be found at:
https://staff.tumblr.com/post/144263069415/we-recently-learned-that-a-third-party-had
Further information about how to protect your Tumblr account can be found at:
