Well thats what would happen, but they didn't actually get hit by Santy. Someone took the vulnerability it exploited and actually took over.
Someone linked to it in Off-Topic when it happened (when you couldn't see Off-Topic for whatever reason). Everyone went there, and there was a single section, with a single topic, with the person saying they had taken over. Becuase they had, took the vulnerability and had complete control of the site.
If you read their news page sometime in the last few weeks they moved off of PHPbb, to something else (I forget what right now)