The provider did a little looking around.
They thought the attack was probably software side. Vbulletin is pretty sound (if any one remembers the free phpbb board that we started with will attest to).
I'll apply the latest software patch when time permits - unless of course the baddies return sooner
