This article is useless. It says nothing, has no information on what or how the breach happened, and is basically security word salad with a heaping of 'these people are idiots'.
Yeah, I'm fairly sure one of the first news pieces on the attack literally said the security team discovered the breach when "alerted by suspicious activity on their customer database" - sounds a lot like an IDS functionality.