I think most of the "HACKS" are inside job, if I was the server admin or database admin I can easily steal all the keys and to make it more realistic I will purposely leave holes on the servers to make it look like it was externally hacked.