Unclear how, but it mentions some servers being seized, so maybe they got access to a physical device. Or perhaps they got malware onto the device or there was a cooperating exchange.
It is less likely that the FBI has gotten access to a physical device used by the hackers. There's a mention that the funds were seized from the Russia-based Dark Side. My hunch is that there was indeed a cooperating exchange. After all, Colonial's CEO has also said that the private sector has played an important role in bringing the cybercriminals to accountability. Moreover, the FBI was also able to track the transfers of ransom funds to a certain wallet. It is possible the wallet has got the private keys and cooperated with the investigation.