If there are thousands of new users after a hack attack, edit the file conf/users.auth.php. That file contains the users..
conf/users.auth.php