Security Breach Reported

According to the article (which you now confirm as true) the breach occurred LAST YEAR.  Why wasn't the end-user community notified so we can change our passwords and make other normal changes?  Is the article wrong about the timing (or, did I misread)?  If so, when did the breach actually occur?

I think you misread. It was reported today, when the info went on sale. Are you confusing it with the previous data theft from other sites that the article mentions from last year?

Here's the article:&nbsp; <a href="https://techcrunch.com/2019/02/14/hacker-strikes-again/" rel="nofollow">https://techcrunch.com/2019/02/14/hacker-strikes-again/</a>

Keith, it was reported today when it went on sale doesn't mean that's when the actual breach occurred. Hopefully, we'll get a full accounting of the incident explained to us.

Hi Teak, please refer to Nolan's post on another thread that has some more information, some one asked 'So what should we be doing while you look into this?': Nolan T. J. &nbsp;said: It is unlikely that any user action is needed.&nbsp; Again,&nbsp; the amount of possible data &nbsp;in this is quite limited-- passwords are salted, financial data is not stored with us, and so on.&nbsp; This is much more about Roll20 checking vulnerabilities right now. We'll report back on our findings as soon as possible. EDIT: As for two-factor authentication, we regularly discuss this and other possible security features for the site. That has not yet concretely made the road map, but we have several updates related to continual security improvements happening this year that we view as a priority.&nbsp; If two-factor or any other concrete security practices are something you're passionate about, please let us know more via the&nbsp; Suggestions Forum . Thank you.

Looks like it was last year, although, late.