Thanks Ian
I am running 6.0.8 and will take your advice and upgrade to latest 6.0.11
Have looked at the Staff Access Log and can't see any rogue entries as yet.
It's less than 3 months since I upgraded from V5 to V6 after being hacked.
An expensive period as I am not able to do the work myself.