I just wanted to tell all forum admins this simple fact. Do NOT upload forum backup files to the internet! Or atleast rename them! Recently I did a test to see how many people were dumb enough to upload a PHPBB backup file to the internet with the original filename. I whipped up a simple google hack (not going to post here because if you are going to do things like this learn it youself) and found 50 ".sql" files that contained everything that someone SHOULDNT get a hold of. Usually, from the PHPBB admin panel, you do not have access to the passwords of the users. BUT some people dont know that if you make a full backup of the forum, it also has all user passwords in it. They are in the form of an MD5 hash wich is easilly crackable. Using this info I was able to find alot of admin passwords. But I reported the backup files to the administrators because I thought it would be harsh to delete their forum. Anyway this should be a lesson to all site owners. Do NOT post backup files that contain passwords on the internet.
Glad this isn't phpbb . Anyway, I think that Mr. Hogan would use really complex passwords which wouldn't be easily cracked.
It seems to me that vBulletin would be equally vulnerable. Why these files would be indexed by Google, that's another question. Keep your backups out of your production directories -- no matter what forum software you are running.
If you could download a vbulletin database, it wouldn't be hard to manually edit the forum admin email address and then reset the password with the new email address. Had to do that before on a couple of my own forums. In other words, don't upload databases to your public_html folder!
Am I right to say that also phpBB has an automatic back up MOD? SO admins may use this and the back ups just begin piling up in there site folders...