I’m surprised the payout was so small, I wonder how much it would have cost to rectify it, though probably the business impact was high.
The article tries to point out the attack was very sophisticated, I really doubt that given no information is provided.