compromised as part of what we suspect to be a wider Mailchimp security incident that affected their customers, targeted at crypto and blockchain.

As of August 9th, we have migrated email services away from Mailchimp.

Correlating password reset events from the attacker IP address via our API logging, we confirmed the small number of DigitalOcean accounts targeted by malicious password resets. Though not all resets were successful.

So there were "crypto and blockchain" organizations whose Digital Ocean accounts had been successfully taken over by the hacker/attacker.

I would bet the attacker would have gone after any larger / well-known ones first.

Another reason to get your coins off any exchanges.

If I remember correctly it was access to emails in MailChimp accounts of crypto companies. Their Digital Ocean accounts were not taken over.

Hacker gets emails from Mailchimp.

Hacker finds which emails are for "crypto and blockchain" companies and does password reset requests at Digital Ocean. Some of those attempts are successful. (Digital Ocean doesn't say how that was successful)

Hacker then has admin/root access to the "crypto and blockchain" hosts running at Digital Ocean.

At least that's how I interpret what I read.