*there's always a possibility that the attacker tampered with the database. But it's nearly impossible to tell which data was tampered with and which wasn't, so either way they're in pretty hot water.
If only database technology was available for financial services where there is the ability to store transactions with auditable history as well as there being an archive log such that recovery to a point in time is possible. If only such a thing existed ....
From what Zhou posted I assume Bitcoinica was using plain old MySQL, so no luck with this.
EDIT: Unless they have done daily offsite database backups. That would help - you would just compare it to existing DB to check if it was tampered with.