A Los Angeles publisher of online lifestyle and entertainment magazines has inadvertently exposed the personal e-mail addresses and passwords for hundreds of its subscribers, InformationWeek has learned.

The victims are all members of sites operated by Splash Magazines
Worldwide, which publishes local versions of its magazines under URLs
like NYCSplash.com and LASplash.com.

The list of e-mail addresses and passwords for members’ Gmail,
Hotmail, Yahoo, and other accounts would turn up in the results of
unrelated Google searches Monday if those searches happened to contain at least two keywords that matched the names of Splash members. InformationWeek confirmed that the security hole was still open as of 4 p.m. Monday.

Story continues at informationweek.com