So basically they used a server that could be deleted online by getting a single password (which was acquired via an SSH key for the bitcoin server being left lying around).
They didn't make offsite backups (sounds like they used to but stopped).
When the server was compromised they didn't realise that it could be deleted by the cracker.
One thing I don't understand: as these appear to have been real servers on Rackspace (you wouldn't exactly use a shared VPS, surely not?!?), couldn't they be recovered after the online "delete server" button was pressed? The top comment on the linked thread says that Rackspace had the server locked down with the only available option for the cracker to delete (which sounds very strange).
It was a cheapo cloud VPS server, I shit you not. After getting their ass stolen for that very reason at Linode.
This site had a massive running profit and still went for the very cheapest option. Rackspace even offers financial services grade servers. I bet these aren't cheap though.