Just a suggestion: why not put a disclaimer forbidding this type of incident on your website? I cannot find anything about it. Would be more easy to complain to the webmaster of the guilty web site if it was the case. Just MHO.
For the guilty website webfork talk about:
Download the dump of the database, just a valid membership permits to do that, than it's easy.
for e.g with one of my software (Movie Info search)
Look at the referral ID number of any software or a particular one:
Movie Info Search ID is #2747
Now how to refer it?
URL + ID = Targeted software
' + '2747' (deliberately change a letter for another one)
There a snapshot can be done, not going to explain how neither more about how to scrap info for obvious reason.
The only way to stop this easy part is to stop the dump of the database or to make it not accessible to public or restricted.
A readable copyright notice should also be added to the database. At the end of file?
So, is this site used stolen password or the like? I guess not, it used what is in place and 'exploited' it. It's a simple hack IMHO. Recording Member ID who did access the database dump limits the search for one who hacked. With a little bit of logic it can eventually be very precise. Once the leak identified a member can be banned. It will not stop another registration then again arise the problem. May be a filter at registration could be there a solution.
To avoid this kind of thing my suggestion could be a solution on top of more what you can do physically on your server (Stop URL referral with filters from outside the server ?)... I don't really know much more what can be done, it's unavoidable when you are popular. And TPFC is popular.
I hope this post will help you guys to solve this type of problem in the future.
Note this site was up at the time I posted this one. Domain is for sale too though. Weird.