Radiant is controlled by a multi-signature, or "multisig" wallet with 11 signers. The attacker obtained three of these "private keys," which was enough to upgrade the smart contracts.