This type of attack seems to be becoming more and more common - social engineering the server provider to gain root access. Good work by the localbitcoins guys in making everything so secure that even with root access the intruder (probably) gained nothing.