Hi All, I will be repeating this post on four Mailman mailing lists.... I received one of these: "I hacked your account, here is your password and pay me bitcoin" scam emails - to andre@ox.co.za with the password I used on anti-abuse-wg@ripe.net (and three other Mailman lists only...) As I use different passwords, change my passwords (up to now, except for mailing lists), every 7 to 30 days, I am usually able to know exactly where, when so that I can go look for the how, etc. As unfortunately I used the same email and same password on four lists, I do not know which list data has been compromised. If anyone else receives similar email with a password used on anti-abuse, please let us know... For abuse discussion purposes: With which frequency should one change mailing list passwords? And, is it even that important? Compromising a mailing list password allows whomever to change my digest options and nothing much else, so, does it really matter? One should have one password for each mailing list (and not one for four...) but, is it important enough, in terms of abuse itself, to even change these monthly? or maybe yearly? or maybe not at all? Andre