Update on PHP source code compromise: User database leak suspected