I know several people have been wondering what happened with the downtime and why it was necessary. This topic is a super short version of the details as I’m not entirely comfortable posting all the specifics just yet.
So what the fuck happened?
On 2020-05-31T18:00:00Z (this date should show in your local timezone, if not, make sure you’ve set the correct one in your account preferences) several user accounts were hacked by hackers using an exploit in the passsword reset system. This included my account. Luckily as I had 2FA enabled they weren’t able to do much with that access.
NO PERSONAL INFORMATION WAS EXPOSED EXCEPT FOR THOSE ACCOUNTS THAT HAD THE PASSWORDS RESET! I cannot make that clear enough. If you were one of the users affected and aren’t a regular in the chat, you will have received an email at your registered email address retrieved from a backup that was current as of May 1st. I went back that far just to be sure I had legitimate email addresses for those affected. You must use the password reset function here on Discourse to update your password, and I strongly recommend updating your passwords anywhere else you might have used them even if there’s no reason to believe the password hashes were accessed.
Only your email addresses would have been exposed by the access the hackers had as that is visible in your account settings.
If you have any questions feel free to ask them here or by sending a message to @moderators. Please do not message me directly as I would like to keep the other forum staff in the loop about any questions asked privately and this is the easiest way to do so.
So why Discourse specifically? It has a lot of advantages for you (very little fighting with the post editor when posting stories) and has many advantages for the forum staff due to better moderation tools and it gives me a very robust API to work with for various reasons.
It also has one BIG advantage in the future. Contests are much easier to manage. I’ll explain that at a later date though.
Again, if you have any questions, feel free to ask them.