It seems that someone got access to our webserver via some legacy software hosted on totalwar.org. This has now been locked down, and many features and functionality from the old sections of the Org are no longer accessible.
The hacker attempted to hijack and control a admin account (failed), and tried to deface sections of the site. Any alterations have been reversed and secured against.
Whilst passwords on the Org are encrypted, they may have been exposed during this time, and it is highly recommended that you change your passwords to ensure your accounts are not compromised. Similarly, if you use the same email address/username and password on other websites. Whilst this may just be a precaution as there is no way to tell, I would recommend following this advice.
We're still investigating the extent of the breach, and some functionality on the site which people may be using is disabled to ensure this cannot occur again
In the meantime, we recommend that everyone changes their passwords ASAP.