I think that someone is trying to brute-force passwords. Bad login attempts were handled very badly/slowly. I fixed the performance issues there, though the brute-forcing is presumably still going on. I don't have time look into it. A single IP can attempt logging in no more often than once per 45 seconds, though, so it shouldn't be too easy to brute-force passwords.
You don't have time to look into it? Seriously? Why don't you spend some of that 6000 BTC to hire someone who has time to look into it. Seriously.
https://bitcointalk.org/index.php?topic=236325.0