[hackerman_fi]

According to the hacker (messages with tripcode on TOR imageboard) the DB was using a public IP and he gained access with root:root credentials.

[k4rli]

"What are the odds of somebody finding our database IP out of 4.29 billion IPv4 addresses?"

[snvzz]

About p=1.

It's more of a question of how many seconds it would take for it to happen.

[ducktective]

Seriously, what are the odds?

[ptaipale]

However, we cannot really know if that was the case. We have no guarantee that the message board poster even is the person behind the blackmail, and moreover, even if it is, this might be just about muddying the waters to cover what actually happend - for instance, if it was an old-fashioned stealing of data by a disgruntled employee.

Let the police investigation find out.