Less than 1% of users changed passwords on breached site following admin message downplaying the risk
Study: Untitled - Matt Weir
Date: December 13, 2012
Online discussion community Web Hosting Talk (webhostingtalk.com) was hacked on March 21, 2009. The attacker extracted the user database, which included password hashes, and posted them publicly.
An administrator of the site posted a message two days later, on the 23rd, with advice about the stolen data: "Passwords are hashed with salt. It would be an unprecedented event to reverse engineer our passwords. I change my password periodically though, so maybe today is a good day for that. Go here [link in original message] to change your password."
However, on April 7, 2013 -- approximately 15 days after this message -- the site was hacked again and the updated user database was once again publicly leaked. A comparison of the two database snapshots showed that only 0.6% of users had changed their password in that time.