First off, I'd email this guy back demanding my exact IP, remote port (my port), local port (the port on his computer), protocol, date, and time that was used to gain illegal access to his database....