Okay, so, as I briefly discussed on #lix earlier (but didn't post here), the site in question was identified thanks to Ramon and NaOH. The site in question appears to be a fairly innocent blog that's hosted on NearlyFreeSpeech.net (the same host Lemmings Forums (and the NeoLemmix website, for that matter) is on). As such, most likely what's happened is a random and rare glitch in the host's routing; I have reported the matter to them, as although in the case of a site like ours being redirected to a presumably innocuous blog it's pretty harmless, it could have major security implications if it were to occur with, say, a commerce-related site.
In terms of security risks, in a worst-case scenario (i.e. if it was an intentional hack and not a random glitch, and the blog redirected to was actually trying to gather cookies / form data / etc. submitted; this is extremely unlikely and there is probably nothing to worry about; I am simply providing this information partially for full disclosure purposes and partly in case anyone is the super-paranoid type who likes to be aware of these things):
- If the redirect started happening to you at the exact time you tried to log in (i.e. not one or two pages after, but the very first page to load after you entered your username / password and clicked "log in"), it is possible that the other site may now have your password. In this case, you should change it here and anywhere else you use it - once again, I stress, not only is this very unlikely to actually be the case (it's a worst-case scenario), but it is only even a possibility if the redirect started happening to you at the exact same time you tried to log in.
- Otherwise, at most they may have your login authorization cookie from this site, if you use the "remain logged in" option (but were already logged in before the redirect happened). This does not give them your password, as the cookie does not save your password itself; it simply remembers that you successfully logged in. At most, they could possibly be able to use it to access this site logged into your account; at worst, they could see the visible information in your profile settings (the only thing I can think of that might be visible here, but not visible publicly, is your email address). At any rate, the authorization stored in the cookie can be invalidated by simply logging out from any PC (or other device, e.g. smartphone) that you're logged in on, including one that you logged in on later than when this happened.
- If you didn't try to access the site during the time this was happening, then there is zero risk whatsoever to you.
Yet again, I will stress that the above possibilities are based on an absolute worst-case scenario, and it is more likely that nothing has happened at all.
I have also made an up-to-date backup of the site about 20 minutes ago (at the time of writing this post). This is partly due to this incident, in case anything more serious happens around the same time (although I'd say by this point, we're probably safe), but also partly because we're fairly due for another one anyway - the previous backup was about two weeks ago, and although in practice I don't keep to this target very well, I ideally want to do backups at least 3 times per two months anyway.