Not all of Flexcoin’s customer funds were vulnerable to the attack. The company offered users access to an offline wallet, or “cold storage,” which wasn’t accessible to hackers. According to Flexcoin’s website, these funds will be available to their owners soon.
Users who put their coins into cold storage will be contacted by Flexcoin and asked to verify their identity. Once identified, cold storage coins will be transferred out free of charge.
As for those who lost their funds in the “hot wallet,” there appears to be little hope of regaining their Bitcoins. Apart from a promise to “work with law enforcement to trace the source of the hack,” the company simply directs users to the terms of service. What they find there, however, isn’t likely to be very comforting.
Security: While the only computer that is 100% safe from intrusion is the one that is turned off and unplugged, Flexcoin takes your security very seriously. … We have taken every precaution to defend your bitcoins from hackers and/or intruders. However, Flexcoin Inc is not responsible for insuring any bitcoins stored in the Flexcoin system. You are entering into this agreement with Flexcoin Inc. You agree to not hold Flexcoin Inc, or Flexcoin Inc’s stakeholders, or Flexcoin Inc’s shareholders liable for any lost bitcoins.
Flexcoin noted that all funds were routed to two addresses, published on their site. According to CoinDesk’s examination of the blockchain, neither address had been used prior to the March 2 attack.