pull down to refresh

No, the attacker used social engineering (getting info about the guy) to answer security questions from Vultr. This gave him access not to one container / server but to the guy's entire Vultr web-panel. From there you can get into any box, even in emergencies where you've disabled root login etc, there are recovery consoles.