I think because this was, similarly to Linode issue, an inside job. I don't have any indices that other bitcoin-related servers at OVH has been hacked as well (yet), but the scenario how all this happen indicates that somebody has been able to get password recovery email somehow. And what's the salary of administrator of OVH mailing server?