Does this mean the problem was not limited to the reused R values, all transfers were compromised during the few hours while the bug was not discovered? If I understood you correctly, if you seed the RNG with time-stamps from that short period you bump into the transactions which haven't had reused R values, that's how you got this private key?
Also new wallets created. And "this time period" is somewhat ambiguous due to caching. For all I know there is some browser tab up someplace running this code that could generate an address and and receive 1000 BTC at any moment.
Well, that's not absolutely horrifying, is it? damn.