One thing I don't completely understand about the web site hacking is: Even if the web site is hacked, it's just a visual representation of what profits are being made. Most if not all the money would have to be in exchanges. I don't recall reading or hearing about multiple exchanges being hacked. I could be naive in how the whole process worked, but it just seems like in order to do arbitrage you would need multiple accounts in multiple exchanges and money in all of them, not sitting on a web sever.
He claims that the hackers changed the deposit address on the website so people transferred directly to the hackers instead of Btc-arbs addresses, furthermore he claims that some user accounts were compromised and they requested a withdrawal to their addresses.