They exploited a previous vulnerability in the password manager the man used until they found the right one.