If all they had to do is get access to an employee's computer to transfer to their wallet. It looks like institutions holding large amounts of it are gonna have to put security procedures in place to prevent that kind of attack from being successful.