We recently monitored several attempts by a student of the Wake county public school system to hack into an administrator account on the site. The IP address strongly suggests this was a troll we banned from the site yesterday. I've put a manual access restriction on that entire IP block and notified the school system's network administrator. I'm waiting to hear back, but with luck, we should be able to identify the culprit.
As a rule of thumb, though, please be diligent about your own account's security. The best passwords are unique, random, long, and use a variety of character types (uppercase letters, lowercase letters, numbers, and symbols). One password methodology I suggest is to create a phrase that includes the domain of the website you're logging into. For example, "I don't always DOMAIN, but when I do, I choose Dos Equis" might translate to "1d@ORNbW1DIcD3" if you're on ornlarp.com. Unique, varied, long, nigh impossible to crack, and easy to remember.
The site is backed up weekly, so there's not much that can't be recovered, but it is a chore to do so and there may be social consequences if the hacker pretends to be you online. More importantly, it's just a good practice in general. Be safe.