From what I heard, it wasn't even a real hack. The person knew what the email was and filled out the "Forgot Password" form, and was able to answer her security question based on a little research, which prompted a password reset.

This person will get caught. He stupidly posted screenshots of his findings which showed too much. The URL in the address box showed he was using a proxy, called ctunnel, and actually provided enough information for the ctunnel owner to find it in his logs to zero in on the user.

The information I read about that was posted yesterday morning. For all we know he could be discovered or even caught by now.

__________________