What really happened? Host trouble? Hacked? Things got messed up when updating MyBB software? It doesn’t make any sense to suddenly just get rid of the MyBB aided forum. Normally, one would develop this on the side and release it when it’s ready, make the transition from old to new site with little to no down-time. So, what was the culprit?
The transition was planned to be smooth just like you described, however, we were caught unprepared - all posts and recent backups were deleted by one of the admins -SkullTraill. He claims he had nothing to do with it, and his account was compromised.
Any mybb page can be modified through the admincp templates, and that's exactly how the index page was modified. Your password wasn't changed, and the IP that did the mischief had been logging in to the account along with your other IPs a month before the deed. That makes it hard for me to believe you, however, there is still a possibility that someone stole your password, cookey/loginkey, or w/e mybb uses nowadays, which is why I hold no hard feelings for you.
@skltraill @crow forgive me if I'm out of line for chiming in. I'm a security engineer by day, and I may have something to add of value. In many compromises these days, the attackers use malware to gain a foothold in an admins machine and 'pivot' off of it to gain access. This allows them to use the trusted ip of the administrators home to fool user bavahior analytics. Skull: if you're innocent, and I have no way to evaluate that claim, so until I know otherwise, I'll assume you are; you may be rolling dirty. I would advise re-imaging all of your machines and reinstalling using known clean images. When restoring your backups, have your system flag and delete and binaries it encounters, maybe generate a sha256 for each of them and running it by virustotal.
Next up get a good off line password manager, and reset all of your passwords to randomly generated unique passwords.
Lastly, when you reintall your browser (after re-imaging, assuming it's not the default) do not restore the browser plugins or settings. Some times they are saved in the cloud, and restoring can restore tlmalicious settings.
Crow: depending on the size, it's probably possible to save a running copy of your last good backup to Amazon s3 for free. You can set the bucket policy up so that the backup system can write to the bucket, but doesn't have rights to modify or delete existing backups. You just set the bucket up to delete files older than X automatically and deny anyone else delete it modify existing.
Thank you for keeping the lights on in this place. It's shitty that someone messed things up. Anything I can do to lend a hand, I'm game.