Pol,

Never said ‘out of the woods’. :wink: This sort of mess is going to take awhile to clean up.

As you say, seems their situation is due to lax or simply bad security practices, and so was a relatively easy target for a hacker(s). That this is so bad we’re talking privacy and security breaches in one breath, and it is really a shame as the common user really does not think about these or such issues before they visit.

It is only a matter of time before lax policy enforcement will come and bite you!

Some sys admins do not know what they are doing, and they (may) never will. Hard lesson to learn; this is always bad for innocent site visitors.