by mjochim 941 days ago
If you used docker run -p 5434:5432, this port is accessible from your network, not just your local machine. Couple that with an IPv6 uplink to your ISP (i.e. typically a globally reachable IP address for your machine) and a disabled firewall in your home router, and that's one possible way how this could have happened. Of course, home router firewalls are not usually disabled. But it's a possibility.
1 comments

Oh well, looks like this is the answer, there was an allow rule for Docker for all incoming traffic... Don't remember setting that one..., but definitely changed that to a "block" now.

Thanks!

What other software do you run in your network? I got affected by this too, nothing of value was lost so I'm going to create DB from 0. Logs point me to home-assistant trying to brute-force the postgres database. I'm not running Windows.
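
A way to check a host for the binding described in the top comment (docker run -p 5434:5432 publishing on every interface), as an added example that is not part of any post in this thread. It reads the output of `docker ps --format '{{.Names}}\t{{.Ports}}'`; the function names and the sample container names are constructed for illustration.

```shell
#!/bin/sh
# Flag published container ports whose host side is not loopback.
# Input: one "<name><TAB><ports>" line per container, as printed by
#   docker ps --format '{{.Names}}\t{{.Ports}}'
# Binding to loopback instead looks like: docker run -p 127.0.0.1:5434:5432 ...
flag_exposed() {
    awk -F '\t' '
    {
        n = split($2, maps, ", ")
        for (i = 1; i <= n; i++) {
            m = maps[i]
            if (m !~ /->/) continue              # exposed in the image, not published
            host = m; sub(/->.*/, "", host)      # host side, e.g. 0.0.0.0:5434
            addr = host; sub(/:[0-9-]+$/, "", addr)  # drop host port or port range
            if (addr ~ /^127\./ || addr == "[::1]" || addr == "::1") continue
            print $1 "\t" m                      # reachable from other machines
        }
    }'
}

# Constructed sample of docker ps output (not taken from a real host).
sample_ps_output() {
    printf 'pg-dev\t0.0.0.0:5434->5432/tcp, :::5434->5432/tcp\n'
    printf 'pg-local\t127.0.0.1:5435->5432/tcp\n'
    printf 'cache\t6379/tcp\n'
}

# On a real host: docker ps --format '{{.Names}}\t{{.Ports}}' | flag_exposed
sample_ps_output | flag_exposed
```

Only pg-dev is reported, once for the IPv4 wildcard and once for the IPv6 wildcard; the IPv6 line is the one that matters for the globally reachable address case.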