Well, it happened again! We got hacked by 404 (the hacker group that did the Malaysian airline hack)! How did this happen?
Someone got hold of my password and installed a fake package (addon) through the admin center which replaced the main file of the forum. Oddly enough the IP address traces back to a company that's only an hour or so from here. That IP has since been banned at the server level and I changed my password.