This is a whale of story for anyone who can nail the guilty party.
I'll just bet someone is at work on that.
It wouldn't necessarily take a hacker to do it.
Here is a plausible scenario: Perhaps the original MD4Bush was not the same MD4Bush from a few days ago - but the second MD4Bush used the same computer, surfed to FreeRepublic, found that the original MD4Bush account was already logged on and contained his old email.
It could be that simple - but it would be a violation of the ECPA because MD4Bush #2 was not a party to the original communication.
There are other questions (perhaps already answered?) - how did MD4Bush obtain NCPAC's identity?