The recent service outage was caused by a vulnerability in an outdated plugin. This applies only to the blog here, not the forums. This has since been fixed. Passwords were not accessed, and while we don’t see any indication of email addresses being accessed, the possibility exists. This was probably a script specifically designed to spot a certain vulnerability and just force a redirect for traffic inflation purposes.
It shouldn’t be necessary for anyone to reset their passwords, but we wouldn’t count it as a bad idea. We can only apologise for the inconvenience, we’ll make sure it doesn’t happen again.