FromSpring Passwords Lost
Formspring managed to add itself to the list of companies to misshandle their user’s accounts and lose 420,000 passwords. Unlike LinkedIn, by all accounts, they handled it gracefully and informed their users quite quickly. Additionally, unlike LinkedIn, they disabled all passwords for all the accounts which is exactly what you should do if a breach is discovered. Whether the passwords are sha256 hashed+salted or plain text. The hash is merely a delaying mechanism to ensure that there is a window of time before a vendor needs to have discovered the security incident.
Something FormSpring did not do is ask users who use Twitter or FaceBook oauth to create a password when they sign up. Many sites do this to ensure that their users can login without FB or Twitter. This means that I did not need to change my password, as I only had my FB and Twitter accounts linked as my MAIN and only form of identification.