Please help, I recently developed a site for somebody and got into a dispute over fees and didnt hear from them for a few weeks.
They wanted admin rights to the site that i designed and built for them but had only paid me to design and develop a basic site. So I refused to hand over back entry to the site until they paid me what they owed me.
I thought the site i'd developed was secure and my admin password was strong, however tonight i received an email saying they had taken over the site, thanking me sarcastically and basically laughing in my face.
I'm pretty new to wordpress but have no idea how they managed to hack the site? Obviously they had access to there hosting account, is it possible their hosting providers helped them in some way?
Could they have exported the full website and database, re-installed wordpress and then imported it back in changing the admin account and deleting me as the admin user.
As you can imagine I'm pretty upset and angry but more intrigued as to how they did it and want to know how i can prevent this from ever happening again. Reluctantly I wont be taking on work from any more dodgy characters but you never know who you end up doing work for.
Any designers/developers ever been in a similar situation? Any information of guidance would be much appreciated.