It appears they were running SMF, so in this case "hashed" means "a single iteration of SHA-1 after salting with the username"[1]. Ugh. Hopefully nobody was using a password they used elsewhere.
Unfortunately, forums with decent security, forums that are free, and forums that have the features you are looking for are groups that rarely overlap.
SMF was the only viable option for a forum I started. My requirements were
1. An events calendar
2. Discussion boards with varying permissions
3. Tiered membership
4. Automatic events newletter
5. Costs less than $10/month to host
6. Takes less than 2 hours/month of technical work to run
7. Can be set up and running in less than 40 hours.
8. Can be run/hosted by someone else if I'm no longer have time to manage the site.
I'd write my own but there's only so much time available in a day. I'll be looking into a way to add bcrypt hashing to SMF as a plugin. Not an easy thing to solve.
Edit: "newsletter" isn't the same thing as forum reply notifications.
Discourse lacks an integrated calendar. Also, forum notifications aren't sufficient when I want to set a weekly events newletter to people that haven't read the forum recently.
bitcointalk.org is spending millions on their new forum system that's being written from scratch. Hopefully that will be one to look out for when it's complete.
Google calendar would require double entry. Right now the calendar links directly to forum posts and can be created, edited, and deleted at the same time. There is also an issue of moderator training if the site gets larger or someone else takes over after me.
[1] https://github.com/SimpleMachines/SMF2.1/blob/release-2.1/So... — I can't find a public VCS for 2.0.x, but the code hasn't changed.