Michael Villado, a self-described “digital Sherlock Holmes” claimed that not only was the WordPress installation hacked, but as a consequence, “all of the user data and site is completely downloadable” via exposed WordPress-related SQL files.