The final word from my hosts, deafening-urge.net.
Hello,
I'm sorry to say, but it is impossible to know exactly what happened. The logs do not show any sign of a hacking attempt, however this does not mean there was not one.
There could very well be a flaw in the code which allowed someone to inject a MySQL query into your database causing it to delete itself. However it is not likely that it deleted other databases unless they all had the same username and password.
A brute force hacking attempt is possible and could have been happening without your knowledge for some time now, the best option there is to simply change your password every few weeks, once a month is really optimal. A lot of script have built in means for protecting against brute force hacks, and I know that the majority of scripts I write have a built in log to keep track of login attempts. I then have checks to make sure no one is trying random passwords.
You mentioned in your last response that the script's creators added a new feature to it to only allow a certain number of login attempts per IP address, this should definitely help in the case of a brute force attack.
While I fully support open source software that is freely distributed, one major problem with it is the fact that anyone can download it and find out exactly what makes it tick. This can be both good and bad depending on how you use this information. If you look at certain open source project, such as XMB, a popular forum -- its been riddled with security flaw after security flaw. This can be blamed on poor coding, but also the fact that its open source and extremely popular. If some input field isn't checked properly, a hacker could inject code into your script, which it will parse.
It is the job of the creator of the script to help to ensure things like this do not happen.
Mind you nothing is fool proof, and this type of stuff can happen no matter how secure and safe a script is.
Sorry for any inconvenience this has caused you, I would go ahead and reinstall the script, and make sure you keep up on any upgrades that coppermine releases.
Thank you,
-Tom
--------------------------------
Well...Live and learn I guess. As I stated in my last post, I will rebuild coppermine on my server and start over. Thanks everyone!