First of all, thank you for being honest about this incident, which is rather rare these days. As you mention there was full DB access, it might be a wise course to enforce a password reset, since there is a possibility the database has been duplicated for password harvesting, regardless of whether they are hashed (unless access logs tell otherwise). Furthermore, it is kind of strange/dumb that the cracker used no masking, which makes you wonder if the person you traced really is the culprit. Sure, there are script kiddies who use Metasploit stuff etc. without thinking, but they rarely get full DB access. You mention that there have been attempts to adjust the forum skins (possible c99 or similar attempt?). It is hard to rule out that the kid got hit himself by an attacker. It doesn't sound like a simple deface attempt, and even the most basic kid knows masking; either he is really dumb, overconfident, or we got a classic case of scapegoating. Just a take on the situation.