Come on. The second and third emails mentioned almost certainly looked like this:
First: "You have a problem with your database credentials being shown here ..."
Second: "Sorry if you didn't get our last email, but you have a problem with your database credentials being shown here ..."
Third: "You've got some seriously confidential data in your database, and it's a crime to leak it or not report a breech, and your credentials are right here. You need to fix it."
Then the response. The article notes that the credentials were fixed after the press got involved, not beforehand. You have decided based on no evidence at all that the researchers wanted money, but as the problem they found wasn't fixed, they could easily have just wanted it fixed. Like many other researchers, if someone won't fix their problem which is actively affecting others, they go public. For a similar reason, if you were periodically firing a projectile from your house onto the street, I'd try to make you stop and if you didn't immediately do it, I'd report you to protect pedestrians. No money involved.