A couple of weeks ago we also had small hack. Our site was closed and had a "hacked by 'some hackuser name'" message on the offline-page. All admin's changed their password (also for ftp-acces). A couple of weeks later our ftp-root was empty after another hacking attempt. If you (sirdude) want to have the logs on this hacking attempt you can mail me. We still don't know where he came in, but since then we have an extra password (via helm control panel) on our admin-directory.
btw: we now have the latest ubb bug/security-fix installed
