I apologize, but there was a lengthy silence (4 hours, a lifetime with a security concern) in trying to discover what had happened. Note that I also requested a callback on my support request, and I never got any...
And seeing that someone tried (unsuccessfully) to exploit the viewtopic.php script in the few short hours between it going public and the time I patched it (several days before the Dreamhost patch), I was a little jumpy. This jumpiness could have been avoided if we had received notice of the patch beforehand.
But generally Dreamhost does a great job of keeping me informed, and you do a wonderful job with security, so I shouldn't have been so worried. Chalk that one up to a bad experience with a former, inferior host.
Next time I'll be more trusting of Dreamhost.