I just enabled the new SSL log-in on my
book account. In doing so, I realized my account had someone log into it last night that was not me.
Fortunately nothing harmful appears to have been done. I'm now in the process of changing passwords everywhere. My old password was strong and secure, but if someone managed to get it and figure out where else I go online, they'd have access to me on a variety of other sites.