Other forum has 2fa and email security.
A Bitcoin address effectively can act as 2 factor authentication. If you remember posting a Bitcoin address then you could sign the address and provide that information to theymos. If the hacker has changed the post that contained the address, then theymos will likely be able to see the post history. Basically, check the post history or try to remember any time you posted an address and tell him about it and provide a signed message. Even if you have sent the address via personal message you can tell him about it and he'll be able to find it. I believe I remember reading a post by theymos years back that he will ignore any messages which do not contain the information described above.
Found the link: https://bitcointalksearch.org/topic/recovering-hacked-accounts-or-accounts-with-lost-passwords-497545
Wait, why bitcointalk.to? It's .org, not .to.