> "That file (or those files) where indexed by Google (or some other search engine) and thus became available to everyone. My guess is that it became aware of it through someone who did some Google snooping and incidentally bumped into this file."
Someone did some "google snooping"? Sounds like bollocks to me. The web server would have had to expose a listing including that file before any search engine would list it.
Or someone used a 'share this file' or 'send this link' button instead of copy/paste of a link/location after possibly-accidentally uploading to the wrong place. These 'share/send' buttons cause a a test GET (or equivalent) on the file/link in question to be done by the remote share/send service and that is a 'leak' point especially if related to some kind of indexing company.