Ok, I'm @CryptoRussian on twitter and C-CEX asked me to look into coin source to help with analyzing problem.  

I haven't found something suspicious or intentional in the code, at least where I looked, but bug certainly exists. C-CEX used rpc call to get new addresses for deposits(just like any other exchange) and after migration to the new version(with instructions provided by the developer), wallet started to behave strangely, instead of generating new addresses for deposits - it returned previously used addresses from the key pool. I'm waiting to hear developer explanations on this issue, I presume migration wasn't really tested extensively and there are some other issues in the code that can blow up eventually.

C-CEX had their mistake with assumptions about the addresses being unique, well, call to getnewaddress assumes that you get new address instead of old one. Unfortunately this lesson wasn't free.

As for price and loosing your coins.. well, developers should test features before releasing them, traders/miners should expect to loose coins due to bugs in the wallet, nothing new.