We don't know if or to what degree any hacks occurred but I'm not sure why this was so easy. It truly underscores the importance of implementing end-to-end security measures. I hate to beat a dead horse, but a simple "security as a service" (SECaaS) solution would have probably nipped much of this in the bud. Too many enterprises (web hosts, SMBs, you name it) are relying on manual updates for security and it's putting their own users/subscribers/customers at risk.

In some cases, clicking on a simple link would have been enough for [a hacker] to take over the accounts of anyone using five large hosting providers