Sort:  

It wasn’t truly a “hack” so there’s still no technical security vulnerabilities to worry about at the moment. It is a rash of “phishing” scams Steemit has been seeing. The user was tricked into giving his password to someone posing as “Steemit security.” So don’t worry too much about logging in. But best practices are still to only go to Steemit through a valid bookmark you’ve created so as not to be fooled by a duplicate site an external link may direct you to, and log in with your posting key. Only use owner/master keys when dealing with funds & account management.

@libert https only secures your data during transit and prevents prying eyes to intercept that data. However this is a phishing site meaning the destination of your data is malicious. Once you input your details including your keys or password, this will be sent to the scammer.

That's what I wanted to know. Thanks.

Thank you, great tips.