By decoding the old unlock script, it's easy to get the SHA256s of subscriber emails who have solved Puzzle#1. Then cracker can calculate the P2SH address of each subscriber's fund.
And finally steal the funds haven't been claimed with the help of oracle.