Was Tumblr hacked in order to do drive-by malware installs? (tumblr.com)
It has nailed a number of major accounts, including The Verge, USA Today, Reuters and The Daily Dot.
Buzzfeed has tips on how to keep safe: http://www.buzzfeed.com/ryanhatesthis/hacker-group-exploits-...
Update: The GNAA says that the hack was part of an anti-blogging campaign.
> This was just another part of our "anti-blogging" campaign. GNAA's stance on blogging in general has always been a negative one: in short, blogging is lowering journalistic standards to the point where the number of friends a murderer has on Facebook has become news.
tl;dr: if you have a Tumblr account (and an active session), delete your cookies before opening any *.tumblr.com site.
Tumblr engineers have resolved the issue of the viral post attack that affected a few thousand Tumblr blogs. Thanks for your patience.
Script kiddies found a small crack and went for it.
Also, whether or not it cost the business money has nothing to do with the quality of the break-in.
The things that matter during an attack: how much damage was caused, what kind of data was compromised, and how much it will cost to get things fixed. The quality of the attack is only a factor when it comes to cost/benefit of fixing the vulnerability.