I think the fact that it's been a quick, quiet move realistically means that they've discovered something that could be or is being exploited and they are trying to plug it first and answer questions later.
There seemed to be some roboscript trouncing through my server as I was setting everything back because I started seeing some weird things. My .ssh keys no longer worked because their perms had been changed to 644 which means they won't work. They worked just a few minutes before. Also, the ability do do a directory listing in my shared_resources user seemed to come and go...
I give up for now. Something's going on, and I hope DH is in the driver's seat right now.
Dreamhost, I really hope you are in control of my server right now. I have two sessions open with the same user, one has been logged in for a while, one just now
in one terminal (just logged in):
$ ls -alth /home/commmonuser
ls: cannot access /home/commmonuser: No such file or directory
but the other terminal (same user, has been logged in for some time):
$ ls -alth /home/commonuser
-rw------- 1 commonuser pg2222222 7.7K 2012-03-29 19:42 .bash_history
drwxr-x--x 702 root root 20K 2012-03-29 01:53 ../
What's going on?