Graet,
I'm very sorry for what happened, You run the great pool and I hope that your pool would survive for the sake of the bitcoin network.
Nevertheless: What do you use to store passwords inside the database. Is there a possibility that password hashes were compromised during the last break in? What algorithm do you use to store password hashes inside the database: SHA1, SHA256, do you use salt? I'm asking because many users are using the same password and username with many pools and online accounts.
Thank you
ozcoin uses drupal 7 function user_hash_password:
http://api.drupal.org/api/drupal/includes!password.inc/function/user_hash_password/7Drupal 7 use SHA512 by default with a salt. It runs the hash through PHP's hash function numerous times to increase the computation cost of generating a password's final hash (a security technique called stretching).