No, they did not breach anything through SharePoint. The flaw is that IDIOTS exposed these servers to the Internet. I am very pro holding vendors accountable but this is just stupid. "Pro-tip" btw. SharePoint installations often have the pw sharepoint, sharepoint123, sharepoint-123 and so on in various casing and delimiters.