Received this email today:
Email title: BitcoinTalk.org Forum Compromised
—–BEGIN PGP SIGNED MESSAGE—–
Unfortunately, it was recently discovered that the Bitcoin Forum’s server
was compromised. It is currently believed that the attacker(s) *could* have
accessed the database, but at this time it is unknown whether they actually did
so. If they accessed the database, they would have had access to all
personal messages, emails, and password hashes. To be safe, it is
recommended that all Bitcoin Forum users consider any password used
on the Bitcoin Forum in 2013 to be insecure: if you used this
password on a different site, change it. When the Bitcoin Forum
returns, change your password.
Passwords on the Bitcoin Forum are hashed with 7500 rounds of
sha256crypt. This is very strong. It may take years for
reasonably-strong passwords to be cracked. Even so, it is best to
assume that the attacker will be able to crack your passwords.
The Bitcoin Forum will return within the next several days after a
full investigation has been conducted and we are sure that this
problem cannot recur.
Check http://www.reddit.com/r/Bitcoin/ and #bitcoin on Freenode for
more info as it develops.
We apologize for the inconvenience.