So far I received 2 emails about this pool hacking attempt (requesting pw reset instructions)... Checking the logs, so far do not see any success in withdraws, these withdraws seemed to be based on being scared out of the pool and our normal users withdrew all funds the pool had, adding funds now from cold wallet...

What will they try next?  Inblue posted a message they were trying network time attacks also, attempting to inject the chain 240, 900, and thousands of seconds in the past - which failed since we have the NTP protection.