Yeah this is kid stuff.
What was probably a big security hole is how often that server (and the software on it was updated). Especially with a server in a home, it’s likely it was not patched very often, even with regular Windows updates (since those require a restart and Windows servers don’t restart automatically).
So any hacker worth his salt could probably use any number of vulnerabilities even a few months old to compromise that kind of system.
From an IT perspective, there is one -- and literally ONLY one -- reason why you would do this, and that is so that you would be able to hide your virtual paper trail. That's it. There is no other advantage to doing it. It's like sanding off your own fingerprints.