It appears that someone who performs audits on our system and had read-only access to our database had their computer compromised.The good news is Mt.Gox had layered security, so your money or bitcoins stored at Mt. Gox are safe. And if you chose a strong password (my Mt.Gox password is 12 random characters, chosen and remembered by LastPass and not used for anything else) you don't have to worry, because of the way Mt. Gox stored the passwords in the database.
The bad news is lots of people still choose really bad passwords, even for financial sites.
Coming right on the heels of the discovery of bitcoin-wallet-stealing malware, that's a lot of disturbing bitcoin-related news, and I'm getting asked "what does it all mean for Bitcoin?"
I hope it means the bitcoin hype starts to calm down. The insanely rapid growth of both the number of users and the value of a bitcoin over the last month or two was unsustainable, and both the core system and all of the surrounding infrastructure (like the exchanges) need more time to "grow up."
I've said it before, and I'll say it again: Bitcoin is an experiment. Treat it like you would a promising Internet start-up company: maybe it will change the world, but realize that investing your money or time in new ideas is always risky.