I noticed the following weird entry from my "last" command from an IP address in Romania:
user pts/0 89.123.111.228 Sat Jul 28 12:48 - 12:48 (00:00)
I'm wondering if that means I was hacked? But it says they logged in for 0 minutes, does that mean they failed? I can't find the answer in the man pages.