A few days ago our provider noticed some strange outbound traffic coming from our box and shut it down so that I can review. They believe the traffic was part of a outbound denial of service attack.
I'm still analyzing but at first glance I do not see anything that would indicate a compromise. Regardless, I still recommend that you change your password if you used it anywhere else - just to error on the side of caution. I will be forcing a password reset for everyone soon.
You may notice some stuff missing and the site might seem a little slow. In light of a potential compromise, I've decided to wipe the VPS we were running on and start from scratch with updated versions. It will take a few days for me to properly configure everything -- so in the mean time I've set us up on a temporary host. I've also gone back to a clean install of the SMF forum software and applied only a handful of forum mods. Let me know if you run into any issues.
I apologize for the delay in getting things back up. It's hard to juggle getting the site back up and taking care of a 4 month old.