Me too. I don't want anything left that relates to me on your server; haven't used this for years. The whole point of hashing properly is if your database is stolen it's not worth it to try and work out the passwords. If you have a salt per password and use something like bcrypt with a decent strength (unlike something like MD5 or SHA1) you're going to be pretty safe. I appreciate that you didn't write the software but someone could get a database dump (and most likely did) without it having anything to do with the forum software. It could be due to your negligence if the database password isn't strong, remote connections aren't disabled, privileges are wrong, etc. In the UK, broadband provider TalkTalk got hacked recently by a 15 year old due to bad practices so I suspect you're being somewhat economical with the truth. Please remove anything personal from my account. This will be my last post here.