OK, but the title is rather clickbait. There was no PGP compromise per se. They just obtained private keys.