Dude, if you or I sucked off 3-, 4- and 5-Star Army Generals in the Hood, we, too, would've been capable of creating, then hacking our very own cryptocurrency exchanges alone with conducting our own DdoS attacks and phishing attempts making such seem like they stemmed from outside sources. If one has to think about that too hard, StakeMiners is looking for A Few Good Investards.
Considering that "industry standards for security" would have prevented any theft... 1) dont run programs as root, 2) dont allow non-vpn to access database, 3) dont run untrusted 3rd party software on the same server that holds $13M...
It's either complete incompetence, or an inside job...
The database leak is particularly suspicious... Who leaves a database port open to the internet? How is that even possible to hack?