Hacker gets emails from Mailchimp.

Hacker finds which emails are for "crypto and blockchain" companies and does password reset requests at Digital Ocean. Some of those attempts are successful. (Digital Ocean doesn't say how that was successful)

Hacker then has admin/root access to the "crypto and blockchain" hosts running at Digital Ocean.

At least that's how I interpret what I read.