I would imagine the most likely reason for this is an unsecured or insecurely deleted wallet.dat file that was used before encrypted wallets became standard on bitcoin-qt, containing the private keys to an address from which the coins were not moved, and which was subsequently retrieved through forensic analysis of the hard drives which were either not encrypted or were encrypted with a password that was found elsewhere. The FBI press release stated the following: That quote makes the hypothetical "unsecured or insecurely deleted wallet.dat file" scenario the most likely to have occurred, in my humble opinion. Note that what is written above is written in relation to the statement put forth by the FBI about forensic analysis and the most likely reason for being able to seize a wallet resulting from said forensic analysis, not in relation to anybody that is being put forth by law enforcement as being the Dread Pirate Roberts. It's important that I don't make any comments that could be misconstrued by any party as they may have an undue influence on any legal proceedings so I will not be engaging in any further conversation stemming from this. I simply want to make a point about the FBI being able to seize a wallet due to forensic analysis of a machine seemingly turning up an unencrypted or poorly secured wallet. That's something that everybody should be taking on board; if they may have something that could be turned up in forensic analysis that could potentially put them at risk or inconvenience them in any way, they should be DBANing their hard drives, securely disposing of them and operating on brand new self-tested / self-installed hardware. Libertas