In your email you write
Through the attack, the attacker gained access to the following data:
Full name, e-mail address, encrypted password and any other data you have entered in your profile.
Are you serious that your forum stored encrypted passwords? That’s hard to believe. Passwords should be hashed, but not encrypted, because nobody has ever any need to decrypt the password - unless …