Ah, “Project White Elephant.” Just when we thought we were safe …
K (the administrator) calls, informing us that he is currently talking with someone else logged in as root on the system.
Sigh.
We found out how the person got in—8,500 login attempts and they got lucky (hey, I didn't pick the password; nor did Smirk, my boss). The person breaking in also didn't bother to wipe out the root shell history or even mask that they had logged in (heck, they initiated the conversation asking if we would allow them to run an IRC bot (Internet Relay Chat bot) [1]); fortunately, this was all the person did.
Still, quite annoying.