I posted this in the other thread, but it deserves repeating.

Here are my suggestions for all victims.

1. Sell ALL USD immediately. There is almost certainly not enough USD to pay out.
2. Withdraw ALL BTC immediately. Unless fractional reserve was employed, there should be enough. No BTC was reported to have injected, so this may be your only option of financial recovery.
3. Change passwords for other websites immediately. The database is likely to leak, if a SQL injection was the culprit.

Best of luck to all victims.