[gregcmartin]

Thanks for sharing your story Kenneth. Unfortunately it will be a common one... Maintainers of open source projects will be increasingly target by sophisticated hacking teams, sometimes government funded. They will often win but the best thing you can do for yourself and your users is to practice good security hygiene and this story is a perfect example why. Strong random passwords everywhere (no repeated passwords) and 2-factor auth should be the minimum. Thankfully there are plenty of free apps out there that help you manage this process. Nobody can have perfect security but you can easily raise the bar high enough to force an attacker to move elsewhere. Also the Op's password was most likely taken from the recently leaked LinkedIn breach (educated guess).