If i understood properly from what i read, my bets would be on the the hacker having had access to your smartphone.
Either via some malware you installed OR via known security holes in the software installed on your device and or known backdoors the NSA builds into every such spy-device known as smartphone, the hacker also knew about.

It is my understanding that via your smartphone you accessed also your email, were trading on bitstamp and also using it for the 2FA

So the hacker had access to your email password via the phone, bistamp password, and of course the 2FA  (be it a keylogger, trojan with full access, NSA backdoor, security hole in your smartphone OS etc)


The above is the reason why i refuse to own a smart(dumb)phone and decided to use an old laptop with linux to do the 2 factor authentication for me.

The laptop will never touch the internet ever again. The codes for the 2 FA are on a usb stick and also printed out in case of hardware damage allowing me to restore the 2FA on another device if ever required. (you have to make sure the clock on the laptop displays the right time or 2FA won't work)

There are probably many ways to do the 2FA in linux, like using jauth, or installing virtualbox and then install android within it(old laptop too slow for this), but i decided to use wine and used winauth inside it.

To use winauth you first have to install dotnet 4.0 however, and that is not so easy. Tutorials on the net using winetricks did not work for me. I ended up copying the whole msnet 4.0 folders into the appropriate locations in the wine folders from a win98 install in virtualbox and to my surprise it worked...