The attacker was able to empty the balance on accounts with the API key enabled. The issue is being actively looked upon. API access has been disabled.
Everyone who has lost money will be fully reimbursed.
Oblivious to what was going on today, I withdrew from coinlenders & have not received it in inputs. I assume the reasoning behind this is related to this situation. Thanks in advance for your hard work and service provisions. Godspeed...