That isn't actually what happened, but I don't doubt that's how you've remembered it.
Comodo at this point controlled the CA roots that had belonged to Symantec. Trustico, a Symantec reseller (same sort of relationship to Symantec that your local Ford dealer has to the Ford motor company) asked Comodo to mass revoke thousands of certificates it had sold to third party subscribers as reseller for Symantec.
It's not clear what Trustico hoped to achieve by that, maybe they believed they could get back the cost of the certificates? We don't know the details of the (confidential) contract between Trustico and Symantec or to what extent the contract terms survived transfer to Comodo. Maybe Trustico just wanted to push its customers into new deals, because it was not a Comodo reseller and risked being frozen out.
Anyway, Jeremy Rowley, a Comodo VP asked for a reason to revoke these certificates, and by return he got thousands of private keys. Private Key compromise is a valid reason for revoking certificates, so Rowley confirmed the certificates matched these private keys and Comodo began revoking them.
Trustico are the people who had thousands of private keys. A CA is strictly prohibited from having your private keys (and as we saw, if they are shown them they should revoke your certificates) but of course whether a CA enforces this rule on its resellers (via contract terms) is a matter between the CA and reseller. The whole point of private keys is that they're private. So, in one sense Trustico's customers got what they deserved - do not give your private keys to some reseller or trust them to pick keys for you.
Nothing went wrong at Comodo here. And if you as a subscriber followed good practices you weren't affected either even if you'd bought certificates through Trustico. Only customers who'd gone with Trustico and done something inherently unsafe got burned.
