Many of you guys have received e-mails this morning regarding Aarinfantasy's leaked user database.
The database contains information containing your usernames, passwords (encrypted), IP addresses, e-mails, etc.
Even though the password is encrypted, it can be matched with existing decrypted passswords to figure out what your password is, especially if it's a weak password, like 'abc123' or 'password'.
I highly recommend that you change your password on aarinfantasy and any other sites with the same password.
The hackers accessed a vulnerability in the forum software, vBulletin, and was not patched in time. From there, they could start figuring out the passwords.
A couple of our admins had relatively weak passwords which the hackers were able to figure out and were able to log in and access the admin control panel to send out the e-mails. Fortunately, no serious loss of data occurred.
I've taken steps to prevent such an event from happening again and apologize for the inconvenience and trouble this may have cause you.