Time for a change of the guard. I've basically cleared all the moderators (except for 2). I'm going to run it very light for now and see how the community likes/dislikes it. In the future, I may request 1 or 2 people who think they want to moderate to contact me.
If you see a problematic post, report it.
The PM hack took advantage of a XSS vulnerability a while back. The last upgrade was performed to fix this issue. I haven't seen anything that makes me think the PMs have been hacked since. I've upgraded the forum software to the latest version, but I wouldn't put my credit card numbers in PM.