As some of you know that Harmony Central has been down for several days now. Initially, they directed traffic to their Twitter account (@harmonycentral) which was keeping people informed of the status. They would reference the outage to ‘maintenance’ which I thought was a bit weird, but today they issued a letter explaining the situation, and it looks pretty ugly:
Here is the relevant chunk of the letter. Please read the full letter here.
Someone without authorization temporarily gained access to the Harmony Central site. That person or persons also gained access to our stored member information, which includes e-mail addresses. If you have provided us with other information, like your date of birth, we have also stored that information. Our stored information also includes member passwords, which are protected by multiple levels of encryption.
Our team stopped this intrusion. We are working hard to further improve the security of the Harmony Central site. We regret that this incident has caused the site to go offline temporarily. We also regret any concern that this incident may cause you.
Since user accounts and personal information may have been exposed, they are recommending that all users update their passwords as soon as the site is back up. The passwords were stored encrypted, but to be safe we should ALL update our information.
As of today, the site is still down