How sure can you be that this malicious ex-employee isn't currently draining the bankroll by playing with a leaked seed?
We rolled back the admin update that it was deployed with the buggy code with an older version(lesser features and more PITA for us to do things but works and its made by us).
Can you provide portions of your time stamped version control repository so we can verify there is actually a third person, a malicious commit, and a rollback? It's probably not an issue now that slight amounts of code will be released from this.