If Tim was a scammer, he would have kept private keys to the PK version, and swept them by now. The fact that that has no happened would make me believe "Never ascribe to malice that which is adequately explained by incompetence". He fucked up the 2FA version. Corrupted, accidentally deleted, or something like that. The 2FA coins are gone, probably lost forever. I could be wrong, but I think its the most logical explanation. Having a DB be both secure, and redundant, is very fucking hard.