I just tried changing my password and it says my current password is wrong.
So I cannot change to a new one now.
Is it likely that passwords were changed on many/most accounts, or did you wipe out old ones at some point?
BTW, if the hacker still has some fingers in here, then forcing us to enter our password for changing would expose the password. So hopefully some script wasn't modified to send passwords to him when an attempt was made to change it...
(Not a big problem for me, as all my passwords are different and random 25-char strings.)
I'm also having this problem. Funny thing is, if I use incognito mode to get a new session I can log in using my old password, but it's not accepting it for changing my password.