I remember at the time the consensus was that the email host itself had been hacked

It was running on outdated software with known vulnerabilities