The hacker did manage to log into the server using the root account so basically, the entire server had been compromised. Anything on the server can have been downloaded or save by the hacker including e-mail addresses, AQ mail, and even the passwords files. Passwords are encrypted using a one-way encryption algorithm so there's no way the hacker would have gotten your plain-text password, but for those of you familiar with the Cracking Passwords page (premium members only), imagine having the power to run this page and see exactly which accounts the passwords match. In theory, the hacker could do this. Since AQ doesn't have any sensitive information like social security numbers or credit card numbers, I'm not going to require anyone to change their passwords--but it wouldn't hurt. And as far as I can tell, the hacker did not access the database, but I can't be 100% certain of that either.
I restored the database from backups that ran at about 3:00 this morning (Pacific time)--if you sent an AQ mail, listed finds, listed plants, or anything after that time but before the hacker struck, they've been lost. Assume they didn't go through.
A couple of database tables didn't get saved last night--one being the locations table. I had to use backups from Sunday for that table, so it's a bit more out of date than the other tables. Three events and 188 boxes had references to locations that weren't in the backups, and they're currently all pointing to "no location specified." If you've recently edited the location of a box or added a custom location for a box since last Sunday, you'll want to check if it's still in place. Most should still be place--only locations "new to AQ" weren't saved. For instance, if you added a box to "Seattle, WA" (which AQ has known about for years), it's pointing to a location AQ had already stored years ago. It's locations like parks, addresses, and such that have never been used by anyone until you added it that would have been lost. Sorry about that. I've fixed it so the locations are properly stored nightly, but there's not much I can do to retroactively fix that.
The other tables that didn't get saved last night relate to the listings for the trip planner. If you added or modified a listing since last Sunday, those have been lost. Sorry about that, but I don't think it'll affect very many of you since not many people play with that page on a day-to-day basis.
And finally, images don't get saved on a nightly basis, and I forgot to backup any new images uploaded before I restored the server to a pre-hacked version. If you've uploaded images since Sunday, you'll need to do that again.
I've taken a few precautions on the server to (hopefully!) avoid this kind of attack again, but honestly, there are no guarantees. There's no such thing as a 100% secure server and as sad as it is, eventually, someday, this kind of thing is likely to happen again. You'd be surprised at the number of "attacks" that happen on AQ every day. I use the term "attack" hesitantly--most of them are pretty weak and harmless--but there are dozens of "suspicious" activities that AQ detects every single day from all over the world. And to be perfectly honest, while I know a little about security for a server, it's not my specialty or my strength. I can just do my best. And I do know how to learn and improve with age and experience. =)
Sorry for all the trouble this caused!