The article gives advice to change your passwords because of leaks. So as the post above suggests, it really sounds like they reused their google password somewhere. Then had Google sign-on for Coinbase, or had their Coinbase password in Google.