Regarding the Bitcoin Consultancy and questions about why they haven't been more active in this mess...I don't know what their arrangement with Bitcoinica is, but if they hadn't fully taken over the operation of Bitcoinica and had no responsibility for the security or theft, then they might be wise put their relationship on hold until Bitcoinica sorts everything out first. If the Bitcoin Consultancy had nothing to do with the security issue there's no reason they should have to clean up someone else's mess. At the minimum they would probably want to first arrange compensation for the time and effort that will be required for them to clean up the mess.
It's very hard to judge whether they had anything do to with the security issue, because everything contributes to the disaster.
Patrick - compromised email server.
Me - improper access control.
Bitcoin Consultancy has fully taken over the management and the relationship is final. However, during the transition period, the access control is not defined properly and resulted in this problem. I have no knowledge of an insecure email server but I assigned admin rights to its user.