Why not more information? You failed to answer some very basic questions that everyone is wondering:
- How much was stolen?
- How much will those with more than 50 BTC be missing when they attempt to make a claim?
- Why aren't you covering the stolen amounts out of your own coffers? It was your site security that failed, not the fault of your users.
- Given that your company is insolvent (obviously, or you would be able to pay everyone back in full), are you not afraid of being sued for the remaining amounts and then being investigated for criminal activity as a result? It is against the law (at least in the US, not sure about European countries) to display favoritism to one creditor vs another when you know the company is insolvent. All account holders should be taking the same haircut and be repaid by the same percentage of their original balance.
FWIW, I have no stake in the game. I am just disappointed in how this is being handled.
I do have a stake in the game, and I don't give two shits about how much was stolen or the internal details of the bookeeping. I won't hold Paymium at fault for not making public any more info than they have to in order to come to the best outcome possible. It's common sense to keep quite about extra info.
It was dumb to hold large sums on Instawallet (and, arguably, to use Instawallet at all), so if an attacker milked the high value accounts first, it would, by accident, impact those according to their level of ignorance/laziness.
I would say that it is not completely outside the balance of reason to issue full refunds to those who's accounts were left unmolested (when they've provided adequate proof of ownership) then try to pay back the hacked value holders as possible. Indeed, doing otherwise might add extra difficulties from a legal perspective if the attacker accessed the stolen wallets via the stolen URL which seems likely.
edit: added missing 'not'