Could be the same hacker just continuing to prod his lazy security practices. Or exploiting existing knowledge of his systems to bypass new layers.

Or he exposed himself on criminal hacking forums as an easy mark. But this is purely baseless conjecture.