Board Altcoin Discussion
Re: ripple account hacked
by
scintill
on 06/05/2013, 05:47:57 UTC
So what were you using for passwords?  Now that you won't be using them anymore...

Still, seems like they'd have to try 62,000 passwords per user account, wouldn't the ripple servers block more than 5 attempts (for like an hour) making this impossible?

No, the Ripple webclient wallet is decrypted client-side in the user's browser.  So they just grabbed the encrypted wallet and cracked it locally.  Blockchain.info wallets work the same way, so they can also be cracked like this.

It's possible they grabbed a bunch of wallets around the same time that maybe should have tripped an alarm on the Ripple wallet server, but we don't know, and there's nothing Ripple can really do to perfectly prevent this.  The user has to pick a good passphrase and ideally also a non-obvious wallet ID as well.


Edit: Most of this is wrong, as I realized after seeing this thread.  The Ripple wallet is indeed decrypted locally, but the blob vault (wallet server) requires a hash of username+password (not just a plaintext username as I had assumed), so in order to try 62k passwords on BRules' wallet they would indeed have to make that many requests to the server.  Sorry for spreading false information. Sad

I did just try blockchain.info MyWallet, and, for a simple (no extra security enabled) wallet, I could decrypt with only data obtained from https://blockchain.info/wallet/?format=json&resend_code=false and a local decrypt.  If you enable more security I think you would be safer than this though.
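The distinction the post lands on (whether the vault hands out the encrypted blob on a wallet ID alone, or only on a hash of username+password) decides whether server-side throttling can do anything at all. The following is an added illustration, not code from this thread, from Ripple or from Blockchain.info: it models both vault designs with a toy encrypt-then-MAC blob, a per-client lockout after five failed requests (an assumed policy, taken from the number mentioned in the thread), and a guessing loop over a constructed candidate list, and reports how many server requests each design forces. The wallet ID, passphrase, seed and candidate list are all constructed.

```python
# Added illustration (not code from the post, Ripple or Blockchain.info):
# two hosted-wallet "blob vault" designs, showing why client-side decryption
# alone does not decide whether passphrase guessing can be throttled.
import hashlib
import hmac
import os

PBKDF2_ITERS = 10_000   # low for a fast demo; real clients use far higher counts
LOCKOUT_AFTER = 5       # failed blob requests from one client before the vault refuses (assumed policy)


def kdf(password: str, salt: bytes) -> bytes:
    """Derive the blob key from the passphrase (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERS, 32)


def seal(password: str, secret: bytes) -> bytes:
    """Toy encrypt-then-MAC wrap of a <=32-byte secret: salt || tag || ciphertext."""
    assert len(secret) <= 32
    salt = os.urandom(16)
    key = kdf(password, salt)
    stream = hashlib.sha256(key + b"|stream").digest()
    ct = bytes(p ^ s for p, s in zip(secret, stream))
    tag = hmac.new(key, ct, "sha256").digest()
    return salt + tag + ct


def open_blob(password: str, blob: bytes):
    """Return the secret if the passphrase is right, else None (tag mismatch)."""
    salt, tag, ct = blob[:16], blob[16:48], blob[48:]
    key = kdf(password, salt)
    if not hmac.compare_digest(tag, hmac.new(key, ct, "sha256").digest()):
        return None
    stream = hashlib.sha256(key + b"|stream").digest()
    return bytes(c ^ s for c, s in zip(ct, stream))


class BlobVault:
    """Hosted wallet store. lookup_by='username' hands the blob to anyone who
    knows the wallet ID; lookup_by='hash' only answers a request carrying
    sha256(username:password), so every wrong guess is a visible failed request."""

    def __init__(self, lookup_by: str):
        self.lookup_by = lookup_by
        self.blobs = {}
        self.requests = 0      # total requests seen from the (single) client
        self.failures = 0      # failed lookups from that client

    def _lookup_key(self, username, password):
        if self.lookup_by == "username":
            return username
        return hashlib.sha256(f"{username}:{password}".encode()).hexdigest()

    def store(self, username, password, secret):
        self.blobs[self._lookup_key(username, password)] = seal(password, secret)

    def fetch(self, username, password=None):
        self.requests += 1
        if self.failures >= LOCKOUT_AFTER:
            raise PermissionError("too many failed requests; client throttled")
        blob = self.blobs.get(self._lookup_key(username, password))
        if blob is None:
            self.failures += 1
        return blob


def simulate_guessing(vault, username, candidates):
    """Try each candidate passphrase the way the thread describes and report
    (recovered secret or None, number of server requests it took)."""
    if vault.lookup_by == "username":
        blob = vault.fetch(username)          # one request, then everything is local
        for pw in candidates:
            secret = open_blob(pw, blob)
            if secret is not None:
                return secret, vault.requests
        return None, vault.requests
    for pw in candidates:
        try:
            blob = vault.fetch(username, pw)  # one request per guess
        except PermissionError:
            return None, vault.requests
        if blob is not None:
            return open_blob(pw, blob), vault.requests
    return None, vault.requests


# Constructed demo data: a weak passphrase and a small candidate list
CANDIDATES = ["password", "123456", "letmein", "qwerty", "ripple", "bitcoin", "welcome", "hunter2"]


def demo(lookup_by: str):
    vault = BlobVault(lookup_by)
    vault.store("brules", "hunter2", b"demo-wallet-seed")   # constructed, not a real wallet
    return simulate_guessing(vault, "brules", CANDIDATES)


if __name__ == "__main__":
    print("username lookup:", demo("username"))   # -> (b'demo-wallet-seed', 1)
    print("hash lookup:    ", demo("hash"))       # -> (None, 6): throttled before guess 8
```

With the username-only lookup (what the post observed for a simple blockchain.info wallet) the server sees exactly one request and the remaining guesses never touch it, so no lockout can help and only the passphrase strength and KDF cost stand in the way. With the hash lookup, every guess is a request the vault can count and refuse, which is why the corrected reading of the Ripple design (a hash of username+password is needed to retrieve the blob) changes the picture.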