I talked with my web-hosting people and they said that it was purely a WordPress issue. My anonymous ftp accounts are disabled and there was no new user added in my cPanel database, from what I could see.
I have several sites on the same web-hosting account but only one got hacked (all based on WordPress).
I only have one admin user name and user in WordPress, for that matter. I changed the password to this account…
As for the host… that is a random generated password, with a bunch of letters and numbers randomly chosen… Should I change it anyway?
