[tiredofcareer]

> So for the hackers to get the decrypted private key, then either Linode must have royally screwed up and kept the decrypted key in-memory during the rest of the month (which seems rather unlikely),

They bill you the moment you add a Linode, automatically, if your credit is not sufficient to cover the new Linode. Careful walking that assumption too far; I think it's safe to say the key was kept in memory.

[MertsA]

Well it's not like it originally comes in encrypted with the public key, it has to be on there for a short amount of time already, why would they keep the unencrypted version around longer than the initial billing?