Sorry for the inconvenience this has caused. We are taking steps to make sure our data is as secure as possible.
1) Your passwords are combined with a random set of characters and then hashed to create a unique fingerprint, and only this is stored in our database. This is impossible to reverse engineer, so if you use your CAG password on other sites, they would not be compromised.
2) While we don't have any evidence that any data has been taken, we can't rule out that it wasn't taken. This means your email address and your username might have been taken.
3) A required password change will be incoming. We need to regenerate new salts (the random strings used to make a hash more unique) and that screws up the stored passwords.
More information soon. Thanks for your patience.
Big thanks to John for getting us back up fast.