WordPress site hacked

Hi guys,

I’m a newbie here in the forums but have been around the site for years. This is in regard to a friend’s site that sported a paid for template. This was hacked a few days ago, and the index.php was changed to a different file.

I checked the site out for timthumb exploits and found there were none (this paid for template had a timthumb exploit but was fixed long ago by the template developer).

I asked my friend what happened before this incident and he said a day before the site was hacked, he received an email asking for a password change for the admin user (take note that he didn’t use the default admin user for the install and changed the admin username to something else).

A day after, the site was hacked, and his password changed.

Just wondering if you guys have experienced anything like this?