I am going to come in here and fully reiterate what Tuan has said.
Innocent until proven guilty. Users throwing around accusations of who has done what based on an email newsletter is dangerous. I know I have endless newsletters come in that I could swear I have never signed up for. By accusing another company of hacking you are likely to cause just as much damage to Tuan, and it would not be the first time the internet has got it wrong.
I know it is frustrating and this whole saga has been a worry for everyone. Be thankful it has turned out to be largely a non event. It is Tuan who has really felt the pain here and if he wishes to push forward with development and put this behind him then he should be allowed to do so, rather than have to spend his time defending other companies because frankly, who knows who hacked him. All I know is they clearly weren't idiots, but you would have to be an idiot to email everyone afterwards with your company's newsletter.
Lets just learn some important lessons from this:
- Change your password after sharing it with anyone
- Keep backups, lots of them
- Apply updates
- Keep a watch on your servers activity, and actively check and respond to any changes
