Server security

Advert test
Just wondering if anyone else has come across one as bad as this.....

A client of mine had their site located on a U.S. server. Last Friday the site went down [and is still down].
I tried getting into the site's admin panel and Wahayy!! - I'm into the root of the server. I have full access to everything + access to the contents of around 2000 websites :D:D

My client has now seen the error of their ways and I now have the hosting account. Maybe I should push an 'index.htm' onto all the above sites advertising my services????