Today, I got the following email from Ars Technica.
The following is an e-mail sent to you by an administrator of "Ars Technica OpenForum". If this message is spam, contains abusive or other comments you find offensive please contact the webmaster of the board at the following address:
Include this full e-mail (particularly the headers).
Message sent to you follows: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
You are receiving this message because you have a registered an Ars Technica account with this email address.
Our previous forum provider (Social Strata, formerly known as Groupee and Infopop) had a server hacked recently, and has advised us that private registration email addresses were harvested. These included email addresses for anyone who registered with Ars Technica while we were still using their services. In addition, the rooted server was used to send out at least one mass phishing attempt.
Although Groupee/Social Strata tells us that no password information of any kind was accessible from that server, we still recommend that you change your Ars Technica password (and any account on a third party site you use that password with) just to be safe.
We became aware of this issue this morning and are following up with Groupee/Social Strata to see if we can get more details and assurances on the scope of the compromise. We have also requested that they purge all Ars Technica data from their systems so future problems don't affect our users.