It looks like another unreported vulnerability has been used for the mass-wipe event. This vulnerability may come from the removal of authentication on a factory-reset script…