The vector for any breach is not described. An earlier article (like three weeks ago) described a phony website, where duped users would voluntarily give up their id and password. I wonder if this “hacking” is likewise a phishing exploit.
"Hi. I am Kofi Anon, son of Al Anon. My father recently died, of a suicide. I need to send $15.3 million my father promised to your Hillary Clinton. However, my emails to her go unanswered. If I have gotten the right email address, please send $xx,xxx in good-faith money plus your bank account number and password to: frankg@giustra-clinton.ca "