I'll leave this here.
https://haveibeenpwned.com/
Add Android Forums to the growing list of web properties that have suffered a security breach. One in 40 members of the forum (2.5 per cent) were exposed by the hack. Moderators said they've been able to identify potential compromised accounts, the passwords of which have been reset. Many of the affected accounts were older …
https://haveibeenpwned.com/
and you trust that site not to be harvesting all the email addresses people check?
I suppose I could check the dozens of throw away email addresses I have use to join forums like this, but, why would I care even if I could remember some of them?
The difference is, you're not telling that website your password. I guess you never tell anyone your email address?
https://en.m.wikipedia.org/wiki/Have_I_Been_Pwned%3F
Here is the about page of the very well known, and we'll respected, person, Troy Hunt, who runs the "Have I Been Pwned" website. https://www.troyhunt.com/about/
And he does tons more for the infosec community. Not to mention, his personal blogs are always a good read.https://www.troyhunt.com/ So, while you are there, maybe you could say thanks.
"Members of the site can find its breach notification statement here (registration required)."
The irony of asking it's members to log in to see if their account has been hacked.
The email telling me this and telling me to reset my PW, directed me to a site with a 5-subdomain URL which was NOTHING LIKE Android Forums, to reset my PW.
It was also spam filtered by GMail.
I can't even...
Why am I not surprised to see poor security practices at an android forum - after all, they have to follow their evangelized product...
I thought at first they were talking in general a bunch of sites which worried me that perhaps an Android site worth visiting like XDA got hacked. Nope carry on.