Wow- lucky!
I think it's genius of Google (and any big company) to do this- hackers are out there already and this person (and probably any as talented and bored as him) might just as easily have hacked the site anyways just to see if he could and potentially cause problems-
Far better to motivate such potential hackers with a nice tasty bribe in exchange for how the heck they did it... I assume they have to tell Google or whoever how they got in?