Do you have your .pass and .db files in a password protected directory??? If not, you should. If the files are publicly accessible meaning that they are not in a password protected directory, then hackers can use robot spider hacker programs to find the files and then open them. I would also recommend changing the name of the .pass and .db files.
Regards,
Eliot Lee
Regards,
Eliot Lee