>The apparent lack of any real operational security by either of the accused here is so common that it is hardly remarkable.

I'm always surprised how people who exploit IT systems weaknesses for a living seem to be themselves fairly weak on security and hiding their tracks.