I wonder how the hacker got network access to the database? I couldn't work it out from what I read. It said the DB had a weak superuser password. But it didn't say how the hacker managed to make network calls to the DB. Presumably there was some initial entry point to get inside the network? It sounds like maybe the web-application user verification was poor and the app allowed admin users to make arbitrary DB calls?
> was able to hack the low security password of a SuperAdmin, and gained access to an unsecured script, which was available only for SuperAdmins. This script allowed him to perform SQL injections and extract the data.
Depending on the injection vulnerability, data can be exfiltrated. There are tools like sqlmap (https://sqlmap.org/) which make it pretty easy to dump tables via injection.