As with earlier high-profile iCloud intrusions, this doesn't appear to be a hack. Instead, the intruders took advantage of what knowledge WikiLeaks offered to reset passwords and take control. That suggests that Podesta wasn't using two-factor authentication to protect his accounts -- an odd oversight for someone long considered a high-profile target, especially when WikiLeaks data has circulated for days.
It's difficult to know whether or not 4chan members are directly responsible, or did as much damage as they claimed they did. The screenshots are plausible, but it's easy to imagine someone on the prank-prone site whipping up faked images to look like a champion to Clinton haters. We've reached out to the Clinton campaign to see if it can confirm any details and say what it's doing next, although Podesta has already blamed the Russian government for the hack that led to the email breach. Whatever it says, it's safe to presume that the campaign will be double-checking its security measures.