using the same password everywhere maybe?
If a hacker got hold of a database and reverse MD5'd your password - if you used it everywhere its as simple as abc.
in MYSQL config file did you mentioned username and password the one you are using in FF and RS ?i think that some time ago i posted my MySQL config php in public forum so can be ? anyone confirm this