I mean ran a brute force to get one users account ID/pass
One can make a login attempt every 45 sec. , from an IP. Do the maths, its very unlikely unless the hacker had an unlimited amount of IPs and your pass was weak
they setup a script to try and collect users login/pass
You yourself said you have neither installed anything on your PC , nor do you remember going on a phising site
On a related note, this might've been connected to your site hack