We are continuing to investigate this and exploring potential scenarios that may have occurred both to this forum and from other sources of the data.
We are now aware that there are additional valid email and password pairs in the cit0day dump for our forum, but not from further users where this forum appears to be the only source. Thus we can't yet rule out the possibility that these were accounts where the forum was used for verification of passwords found elsewhere through credential stuffing, where users have reused passwords.
If anyone else appears to be in a similar situation to Lurker, that they're email and password are included in the cit0day dump and the only linked web address is winterhighland.com please drop us an email to snow2021 at winterhighland dot info or call 0333 444 1973 - please leave a message if it goes to voicemail, but please don't send your password in communications!
You can check your email at [www.avast.com
If you have used your Winterhighland password elsewhere, please change it everywhere you use it now!
Also please don't just use one password for that and never re-use the password you use for your email account! If some bad actor acquires your email password, they can reset many if not all passwords associated with that email address.
, if you read this could you please get in touch as to whether your email address shows up for any other website. This would be very helpful, thanks for checking and taking the time to post - every bit of info helps.