Well at least they have working backups
"We have mirroring capability, which means things are backed up instantly. We also have daily backup on top of mirroring. The issue was that the bug affected the mirroring system as well. Hence, we had to go back to daily backups. These types of database bugs are not like computer crashes. They build up over time. So we had to go back to a time where the database was free of this bug."
Translation : We thought we had ALL the safeguards, but it's complicated.
And it very likely is complicated. Hopefully, this experience will have taught them to root out that bug for the future. If no data was lost and nothing was breached, then there's no real harm done, right ? We can chalk it up to a learning experience and go from there.