Since so many were hit by the very same ransomware group, it's likely that the attacker spotted a second exploit during the first attack. It's easier to spot things when you've already busted your way in and have the run of the place.
i.e. An attacker breaks into a system using one vulnerability, spots a few more vulnerabilities while snooping for data, files them away for future reference, extracts a ransom, and then repeats the process later after the victim fixes the first vulnerability but fails to address the others.
The takeaway lesson appears to be that, if you are hacked and fix the vulnerability that made it possible, you shouldn't stop there. You're marked as a target that pays and detailed information on your system is now out there. Even having fixed the first hack, you're more vulnerable than ever.
i.e. An attacker breaks into a system using one vulnerability, spots a few more vulnerabilities while snooping for data, files them away for future reference, extracts a ransom, and then repeats the process later after the victim fixes the first vulnerability but fails to address the others.
The takeaway lesson appears to be that, if you are hacked and fix the vulnerability that made it possible, you shouldn't stop there. You're marked as a target that pays and detailed information on your system is now out there. Even having fixed the first hack, you're more vulnerable than ever.