Del Harvey, who heads Twitter's trust and security team said a spam attack on the site appeared to be related to the theft of Gawker's account details., external
Hundreds of thousands of Twitter users had seen their accounts compromised and messages sent promoting an Acai Berry diet.
"It's all too common that people use the same password for multiple accounts," Rik Ferguson, a security researcher at Trend Micro told the BBC.
Anybody that has had their Gawker account details published can expect to be targeted by other hackers, said Graham Cluley, a consultant at security firm Sophos.
"Every identity thief, hacker and spammer out there will be attracted to that password file," he said.
The impact would have been more serious if compromised accounts had linked to sites containing bank-credential-stealing malware, he added.
Users could protect themselves by creating complex passwords for each online service that needed a password, said Mr Ferguson.
Complex passwords can be made easy to remember, he said.
He suggested taking a the first letters from the words in a phrase a user is likely to remember, such as "I wandered lonely as a cloud".
Some letters can be replaced by symbols, perhaps using "@" instead of "a".
Finally, adding the first and last letter of the website being visited to that phrase creates a unique but memorable password that is hard to guess, he adds.