I think more importantly you need to find how he was able to change these details on your account…
Check your access logs etc…
It could any number of things, from an unsecure plugin, to an unsecure host… or an easily guessable password…
Change your passwords, as a matter of precaution, making sure no less then 8 characters, a mixture of numbers and both upper and lowercase letters..
Check you server for any extra files… if you have any 777 permission folders, check these first for extra files that shouldn’t be there…
Also, Im not sure what precipitated your “re-launch”, however I located a cached page on your site from Feb 09 that indicated you were running 2.6.3 at that time —
While its evident since your last post was just this month, that that e-mail address was recently changed, the fact that were running 2.6.3 just last month suggests that might have been the original problem.
Im not saying thats a sure thing, just that its worth considering, thats all. This is the other reason why I am so damn bitchy when people dont upgrade — it makes it nearly impossible to even guess at what the problem might be since we cant rule out the older version being the source of a security issue.
In any case, the advice above is excellent. Make sure to change the passwd that wordpress is using to access your MySQL db and dont forget to update your wp-config.php afterward.
you also have a vbulletin install on that site, v. 3.7.3
3.7.4 was released back in Nov 08, and im pretty confident it included security fixes. In fact, vbulletin is at 3.8.1 right now, well past what you are using.
again, we’re back on the “staying current with our software” thing.
here ya go:
http://www.google.com/search?hl=en&q=mr5%40hotmail.com+vbulletin&btnG=Search
i have 3 vbulletin installs and they are all 3.8 actually…