our site has been hacked on 13th November 2014. I have restored the site and updated to Drupal 7.33. We have no way of knowing what was leaked, so we assume everything was leaked. Change your passwords! We are very sorry for the inconvenience.
As far as I can tell https://www.drupal.org/SA-CORE-2014-005 was the exploit used. It's curious that I can see somebody gaining access on 13th November even though the embargo was lifted on 15th November. I will continue to monitor the situation.