Well yes, I do agree on that. People should consider using one and using Protonmail (or a similar service) with Bitcointalk. Using that email only for Bitcointalk is also recommended.
I'm pretty sure that individuals will receive emails in the future; whoever uses the same email for other services too will receive a taste of social engineering.

I recall theymos saying that deleted PMs and posts are kept in the db? This is a concern (especially PMs) in situations like these. Hopefully PMs have not been compromised.

Was running ok earlier but it's got a bit sluggish now, but that's to be expected as everyone tries logging on and resetting their passwords etc. Wouldn't surprise me if the forum will get ddosed as well.

Did he confirm his identity ??

check the pgp signature in the e mail you would have got.

that confirms it

----------

Thanks for these details.

Also the people running this board CANNOT control if someone social eng. the employee's working or the isp.
This hack is not on them.

Furthermore I would suggest to everyone to do what i do regarding forums or anything else you 'sign up for' ....

Always use different e mail addresses and long difficult passwords, (also login names if possible)

If the information in the op is correct my password is good for several million years at present technology although I did change it as recommended.

Another item to remember.  If you use the e mail for this forum for other 'accounts' , for example twitter, or a coin exchange.....  remember for many places your e mail address is as good as your log in name.....

Therefore it may make it MUCH easier for someone to attack you someplace else unless you use only e mail addresses for one place. 

Anyone who uses the same password for more than one thing in life is just a sitting duck in cyberspace waiting to be taken out.

Personally what I am most curious about is why someone would go to such trouble to hack this forum ?

As most here are going to be way above average in security habits the chance of getting a password to something else is almost nil (and they were not stored in plaintext although I guess the attacker may have hoped they would be) . 

Was it an enemy of bitcoin ??

Was it a teenager hoping to be a famous hacker ?? (doubtful no one claimed respnsibility or  posted information to pastebin proving they pulled this off)

Was it some curious person wondering if they could figure out who Satoshi is ??

Was it a wealthy jealous spouse that paid a private investigator a lot of money to 'sniff out' all their spouses online activity ?

Was it a team of scammers hoping to steal bitcoin ??

I wonder....


When hacks take place they remind everyone how important it is to practice good secure methods on everything.  I guess now we wait and watch........ see what happens next.

   

You'd be surprised at how many people will reuse emails and passwords. I'm sure many do the same with their blockchain.info accounts too. Regardless of that, the infodump of all this forum's users emails would be very valuable to advertisers or scammers/spammers but maybe whoever hacked it did it just because he could. Some people just like finding security holes though I'm sure the person will try get some money out of the info he has.

It wasn't the forum's fault but the hosting. The new forum is being made now but that wouldn't have stopped this either and its being tested to make sure there are no holes or ways to exploit it. And people shouldn't keep their bank details or back ups of their wallets in their emails especially if they can't keep it secure.

Well it looks like people have already been badly effected by their info being leaked and I'm sure it will become publicly available at some point. It looks like several accounts have already been hacked and over the next few days I'm sure we'll see people complaining about having other accounts hacked or bitcoin balances cleaned out and so on.

Actually no, you're the one being ridiculous. The money is being used to make a new forum, not actively prevent this one from being breached.
You don't even realize how lucky we are that theymos is the man behind the forum. Most of the time when these hacks happen it usually passes some time before detection.
You can blame anyone here. 1.5 million USD is nothing. If you take a look at the recent hacks, millions of people have been completely exposed.
Remember the Sony hack (a multi-million company)? or this:
http://www.usatoday.com/story/tech/2015/02/15/hackers-steal-billion-in-banking-breach/23464913/

Everyone was advised to use VPNs or at least PGP when sharing valuable information.

So when is the next compromise? 

Just kidding. Need to know what happened though.

have a strong feeling they inserted a backdoor somewhere or a keylogger.

something that would keep them getting access to the forum and retrieve data