This is at least somewhat reassuring to me--it means that we do have enough expertise out there being vigilant against their server logs such that attacks with serious implications can be identified in a matter of days/weeks. If people start finding evidence of exploitation in logs dating back a year, then I would really worry.