Does this mean he was able to withdraw and keep 5 btc on account of the exploit?
Yes. He had used the exploit to get somewhere in the order of over 30 BTC in profit. He did withdraw his original deposit, plus 5 BTC as a bounty for finding the exploit. Had he wanted, he would have been allowed to withdraw up to 25 BTC, which was the contents of the hot wallet. But being a decent guy, he didn't even make an attempt to do so, something that I am very grateful for.
I wouldn't call stealing 5 btc a decent action, or one who does it a decent person, just because he could have taken more. Stealing is stealing. The guy stole from you, and if you had investors yet, it would have been stealing from them. I understand you're grateful he didn't clean you out, but I'm still puzzled by your gushing praise for someone who is a thief.
I was in the chat at the time, here's a chatlog. As you can see, at 10:47 UTC foo was up >15 BTC and Ryan came online more than 2h later. He could've just withdrawn with a few clicks, but he didn't. He also sent a support message to Ryan that explains how the exploit works, which allowed him to patch it fast.
I still don't get it. I would've assumed anybody in his position would clean the hot wallet.