Firstly, reset the passwords of all the administrators, including yours, then change them and ensure they include letters and numbers. Then change the password for the host control panel using the password generator if they provide one. If not, use a password generator online. Once this is done change the password for your database username and don’t forget to also update the configuration.php with your new password.
Secondly, download and install Admin Tools which will add more security to your site for the future. Admin Tools also comes with an Emergency Offline button which is useful.
Then download and install Saxum IP Logger which will trace all the registered users, giving you their IP address, country and so on and you can also block IP addresses using the plugin that comes with it.
Next, go to the host control panel and look at the logs to see which IP addresses have entered your website and while files they have accessed. The IP address that coresponds to the files edited, you can then block using the plugin I mentioned before. Joomla 2.5 is very hard to hack so it is rather likely you have an extension that is badly developed and allows SQL injection. Therefore you should always choose popular extensions to install on your website when they are database related.
Hope this helps you in the future. Regards
EDIT : You can also password protect your folders in the FTP for additional security.
You may also find this extension quite useful