That's incredible if true. It would mean the hacker assumed that Cryptopia didn't keep proper offline back-ups. That would mean they only kept one set of private keys, with everything stored on online servers. In this day and age, that's difficult to believe.