Wow look at the can of worms I opened up.
Looking at it from a mod/admin/owner side, you sometimes have to error on the side of caution like David did. When you feel or know for a fact that some thing has gone horribly wrong you lock out those involved just in case it was for real malicious. Even if it was a prank, you don't know that at that time.
In either case you have to also remain elusive to the members. For all you know the perp may be a member and is sitting back to watch the show. As much as you can you want to keep from tipping off this person you're on to them. Or are suspicious of them. You need to be tactful with your members with phrases like "It's a database error, we're working on it". In the mean time you're doing your admin thing getting to the bottom of what happened and how to resolve it. After the dust settles you go back and explain what happened and why you responded like you did. Some may not care for your methods but a lot will. It's your forum. You paid for it. You maintain it. So it gets done your way.
The mods and members have to remain vigilant for things like what I suggested could happen. Members alert the mods and the mods do what they can. If and when it goes beyond their scope of powers they alert the admin or owner.
We, at our respective forums, will handle it from there.
Overall I give David an A for how he handled it on his end.
Not all of the mods responses were good but then not all were bad. I give them a B.
Oh and I'm not going to ask where celegorm got his known good contact info. If it came from my place in this case it was necessary. No harm, No foul. Celegorm just beat me to the punch when David asked for a contact.
Sometimes we set aside the competing forums stance to work toward a common goal. Like spammers, hackers, and other known bad occurances.