From the article: Wondering why using a previously compromised endpoint was a good decision. Epic fail on the part of these companies and their IT incompetence. Adding to injury, not being able to pay whatever ransom or refusing to do so. This is the sort of experience that shuts down businesses, that put profit above the security of clients and their own infrastructure. 

CloudNordic is not yet entirely certain how the attackers compromised its systems, but speculates that it has to do with the migration of its servers from one data center to another. During that migration, a previously compromised endpoint was connected to a separate network that had access to its internal endpoints, ending in disaster. 

https://www.msn.com/en-us/news/technology/cloud-hosting-company-customers-lose-all-their-data-following-ransomware-attack/ar-AA1fIfag?ocid=socialshare&cvid=57351bce517b4cb6b43b0a3aceea1698&ei=20