Seen on dslreports.com:
“Dear Customer,
We are writing to inform you of a recent security incident involving your Road Runner Safe Storage account, which may have exposed your password. Recently, an unauthorized third party accessed one of our databases. As soon as we learned of the attack, we limited all access to the database and thus the vulnerability was eliminated. However, as a result of this incident, your account credentials may have been exposed.
The database that was accessed contained information you would have entered when you first created your account, including your name, e-mail address, user ID and password, your hint question/answer, and if you ever purchased more storage, possibly your billing address. Please be assured that no credit card numbers were accessed as a result of the attack and that none of the content that you previously stored with us could have been accessed.
As a result of this incident, we have changed your password to protect against any unauthorized access to your Safe Storage account. Should you still be using your Safe Storage account, upon your next login, you will need to use the forgot password? link to retrieve and reset your password.
We take privacy and data security very seriously and value the trust our customers place in us. If you use a similar password across multiple accounts, change your password on these accounts. As a general best practice, it’s important to use complex passwords that are hard to guess and to change them regularly.
We apologize for any inconvenience this may have caused. For additional information, please visit www.swapdrive.com/alert. We have also set up a hotline to answer any questions you may have at 1-855-815-2719.
Thank you for your attention,
Symantec Corp. for Swapdrive.com/Road Runner Safe Storage”
Update: Eduard Kovacs has more on this incident with a possible explanation.