Fair enough to the guys for having a setup that is decent enough that even rooting the machine gets the attackers no where.
More worrying though, why on earth are LBC using an (obviously shit) hosting provider and not co-locating their OWN machines in their OWN SECURE RACK in a SECURE facility?
Good point Uhoh - not sure exactly why they moved from German to Swiss servers? Might have been a cost/security/jurisdiction issue.
Think the notice did state that they do keep all KYC/Phones Number/Email data on a separate server. Hopefully that's not in the same place!
They initially gave a 24Hr ETA on fix, so we should hear more from them very soon, if it takes any longer.