So according to that address is looks like $11 million worth of ERC20 tokens are stolen. I am wondering whether this was a hot address and not their entire ERC20  balances. Because why didn't they use cold storage since they are ETH tokens and cold storage is very easy to do.

Maybe there will be a haircut like on most exchange hacks in the past, however no idea what % was exactly stolen. Also wondering if they stole any other coins like BTC, LTC , etc.