I don't know if he really managed to collect such a big amount of money but we can't say it's not possible, since the 2fa key is the same one for login and for withdrawing funds at Stake. 2fa codes change every thirty seconds and are usually accepted during 1 or 2 minutes by websites, so if one phished user enters his 2fa code to try to log into the fake Stake home page, the hacker can steal his code and use it during several dozens of seconds and even minutes to enter into the account victim and to withdraw their funds.
Stunna has answered our question that no funds or KYC were stolen because hacker only managed to get into email not to the place where important data is stored
Regardless of whether the statement can be trusted or not, what is clear is that we still have to anticipate changing the password and activating 2FA is the most appropriate solution at this time. However, this is a warning to stake.com to continue to improve security problems like this are very vulnerable to user trust.
There are too many people who are asking for a proof and didn't believe Stunna (or didn't see his messages) and thats not something Stake should care about because A- we are in just bitcointalk, they have a much much bigger audience then here and B- they do not really need to prove anything to anyone and still can be trusted by tens of thousands of people because of how amazing they have been so far.
If anyone saw what Stunna said and still do not believe him, then by all means they should not be continue to gamble here because if you don't believe in the word of Stunna then I do not know what would make you believe or be convinced that all is doing well.