I'm not going to jump to any conclusions on who did it yet but I'm up to discuss possible scenarios.
I'm not a security expert so maybe someone who is could speak up. A lone employee (or 2 working together etc) might not be "Linode dropping the ball". There is always a human element and it's always the hardest to protect against. If it turns out some employee went off and did this and Linode comes clean / takes responsibility / makes it right and it wasn't easily preventable then I'll maintain my respect for them. On the other hand if someone can point out how they "really screwed up" when the facts come out please do it.
I'm not a security expert either but I've watched many an episode of Mission Impossible & seen the Ocean's 11, then for $2k Benjies sans armes, ni haine, ni violence
& the prospect of much more (or less) if they hadn't already had an ongoing peak somehow & timed it for max balances which it doesn't sound like, the MI scenario starts to sound quite plausible - get a temp job on Linode's cleaning services Co team & install key-loggers or spy-cams, a telephone sanitizer dood with smarts, most likely though borrow
an admin colleague's log in details or say that yours must have been pinched & for plausible deny-ability say that you found a USB stick on the ground in the company car park one morning & foolishly plugged it in to your admin company computer out of curiosity (it had gay porn on it so you dumped it) - I wonder if he/they got more or less than they'd hoped for, anyway here's hoping that they get a nice long term inside to write a memoir on their heist & it can all be good for the inevitable The Bitcoin Story
film that already has plenty of juicy Ocean's 11 type plot material