Network Solutions still hasn't told us the IP address and the date when our client's site was hacked. They essentially said that the server logs were too big and there was too much traffic on the ftp server for them to track down the info we needed. I pointed out that it was a two-week window that we were looking at, and ALL traffic logging in to our client's ftp during that period of time should be regarded as suspicious since the only people with access were us and the client, and neither of us logged in during that time. I was told I would get a call back within 24 hours.
That was Thursday. No call back yet. I've got to assume at this point that their servers are compromised, otherwise why would they be so gosh-darned reluctant to hand over the info?