Pull JPA NOW.......!
If the information supplied by Almost_done is true, then immediate action is required. It would appear that JPA is vulnerable to penetration by determined IT hackers...... therefore, the system is insecure...!
There is no other decision to take other than rectification of the security issue ASAP. In the meantime, all access to, and operation of, JPA should be suspended immediately.