Go on then, how were the crims able to do this? Are there any online crypto exchanges/wallets that only require a mobile phone number to get in? Surely a username/password was also required? How did the criminals get those? I wonder if he's not telling the whole story and is simply trying to put the blame for his own poor security practices onto someone else.