Tumblr, which had to apologize to iOS users for revealing email addresses and passwords back in July, may need to start apologizing again for what appears to be another screw-up.

A DataBreaches.net reader writes:

I received a notice from Tumblr that congratulated me for 1 year with them.  Problem is, instead of using my user name for the email, they used my password in the subject line and in the body of the email.  See below.

Now I have to change passwords once again.

—–
DataBreaches.net is redacting the email the reader forwarded:

From: Tumblr
Sent: Sunday, November 24, 2013 12:24 PM
To: [redacted]
Subject: [redacted password] turned 1 today!

 

[redacted password] turned 1 today! We hope it was a great year, and we look forward to sharing many more! Post this! 35 East 21st St, 10th Floor. New York, NY 10010. Email settings | Opt-out