Multiple Dreamhost sites were attacked simultaneously by the same bot that inserts code into php files.

They claim it has nothing to do with them and its fault of each customer's website. I guess they are saying its a coincidence?
They just announced they had a security breach last week and asked everyone to change their ftp passwords.
Does their lack of accountability sound fishy or is it just me?