Hetzner, the web hoster where the IPFire project is hosted, had an incident this week where somebody got access to the account information of their customers.
As far as we can see, there has been no harm because the hacker is a White Hat and also Hetzner is doing a great job about communicating the issue.
However, I once again would like to encourage all you programmers out there: Never ever use unhashed passwords anywhere. It is not that hard.
More information is available over here. I’m sorry, it’s German.