So you had $40K in your account and you didn't even set up 2FA?
Without 2FA there are so many ways an attacker can obtain your password.
If they have a thief inside a company, 2FA also will be hacked.
So tell me please the way how hackers can obtain my password, exluding trojan, and fishing? the only way to obtain my password from outside to hack https of btc-e?