In response to post #31560095. #31560240, #31560385, #31561015 are all replies on the same post. Listing known affected authors/mods would be good (but not for the authors). If the site really is compromised, it is likely totally compromised. I haven't checked, but hopefully they do hashing properly where the client hashes the password before sending it to the server (so passwords are never transmitted in plaintext). Otherwise changing your password (or logging in) would give it directly to the hackers. Another great reason to not reuse passwords.