They did not break Threema's encryption. They simply extracted the database from the unlocked iPhone of the target person.