Unauthorized third party gained admin access to the OpenWRT forum and copied a list with details about forum users. Email addresses and handles of forum users have been stolen, forum moderators say. The intruder used an administrator’s account with a good password, but 2FA was not active. Forum administrators reset all the passwords on the forum just to be on the safe side. Users have to set the new password manually from the login menu by providing their user name and following the “get a new password”” instructions. There is no suspicion that the Wiki credentials have been compromised.”
Source: https://www.bleepingcomputer.com/news/security/openwrt-forum-user-data-stolen-in-weekend-data-breach/