Tumblr has admitted that "a third party had obtained access to a set of Tumblr user email addresses with salted and hashed passwords from early 2013."
The incident occurred before Yahoo! acquired Tumblr.
The micro-blog says "As soon as we became aware of this, our security team thoroughly investigated the matter. Our analysis gives us no reason to believe that this information was used to access Tumblr accounts."
Some users will, however, be required to change their passwords. ®