thanks - finally figured it out.
seems I tried to be tricky a while back and pump in info from another site. Decided against doing it, but instead of deleting the code - I commented it out for use at a later time. Well, it seemed the site I was pulling from changed their code, which affected my site (and didn't leave any ftp log footprints either!)
Well, looks like you didn't use FTP to pump the info into your site, that is why FTP logs didn't mention it. Anyway, it is good to know that you found the cause and it was not related to unauthorized access to your data.