The whistleblower site DDoSecrets says it will selectively share 70GB of encrypted passwords, private posts, and more with "journalists, social scientists, and researchers." Gab CEO Andrew Torba acknowledged the breach yesterday.
https://www.wired.com/story/gab-hack-data-breach-ddosecrets/
If you're on GAB change your password quick.
The passwords they accessed were still hashed, so unless you used a weak password there isn’t much danger. It’s still a good idea to change them or better yet use a password manager that generates different high entropy passwords for every site. I don’t have to worry because I used a random 20+ character password stored in a password manager. There’s simply no way they are cracking it based on a hash value.
Group passwords were in plaintext. Those should be changed ASAP, but most people don’t have password protected groups.