Modernizing Authentication — What It Takes to Transform Secure Access
In a forum post, the Simple Machines board of directors explained that a database stolen from another hacked Web site contained a user name and password combination that was a Simple Machines administrator also used on the Simple Machines site. "Unfortunately, we are 100% sure that our user database has been stolen," they wrote.
All users are advised to change their passwords, and to change their passwords on any other Web sites where they use the same password. "And remember: don't use the same password on multiple sites! It helps to prevent hacks like this," the board of directors wrote.
Personal messages may also have been compromised, so users are advised to change any passwords they shared through personal messages as well.
Still, the board of directors was quick to not that the breach was not the result of a security issue with the Simple Machines Forum software. "If you are running the latest SMF version you have nothing to fear from this hack if you use different passwords," they wrote.