I don't like the use of a centralized validator, and would not trust any coin that uses one. It appears they are rolling back the IOTA blockchain to reverse the transactions involving the stolen coin. Etherum did something very similar in it's early days when a hacker exploited a flaw and drained coin out of the DAO, although it has something resembling consensus before doing this.

Step 3 is a snapshot will be taken of the IOTA network from before the hack, and any transactions involving compromised wallets will be rewound. A 3rd party service will then perform a know your customer (KYC) identification process to return stolen funds.