As a used-to-be supporter of Plutonium, hearing this is unsurprising. I disliked Plutonium staff as most of them tend to be complete jerks. This is also shown in the way you muted every channel leaving modding and support questions to be solved on their own and I bet you you'll pull a Pokimane and filter out specific words or mute people to let this die down instead of answering questions of what actually happens next when it comes to privacy and security. Maybe because you don't even know.
There is absolutely no way that the staff member noticed them trying to breach several sensitive accounts except for their Plutonium backup? How does that even work. You would think that if you are being targeted on not just one account but several, that maybe they'd also go for your Plutonium account. Most of all, how did you notice the exfiltration of the data the first time? I bet that staff member was specifically targeted and they most likely have spoken to their attacker some day. Why would a staff member even need access to so much information when you guys treat them like friends and not workers. Hopefully this is a learning lesson that shows just how little trust there is in business whether the wrongdoings were done on purpose or not. If you guys can't even create a simple filtering system, I wouldn't expect you to take less than half a year to figure this out. Hopefully one day a different client comes about so that a lot of us can switch.
I bet you one of your culty discord followers that loves admins is going to reply with something dumb too.