To answer some questions: This does appear to have been caused by malware. Which I've cleaned up

The vulnerability is that anyone could mask your IP and do a forgotten password exploit. This guy was able to loginto my email and clicked the link from there. Apparently there is no 2 step authentication when logging in after a new password is created. He was able to drain my hot wallet despite me replying to the text and via email that I did not change my password.

I did not keep myself off 2fa authentication for 30 days.

I have not heard too much from coinbase and I am worried that this vulnerability. I figure that this is a loss.

I am however keeping on the sunny side as I have still not lost any money in bicoin despite the theft.

Be careful out there.  

I do use 2FA. I need google authenticator every login. I wish it would have been SMS. I'm not sure how this happened. I just wish I would have kept more of them in a vault, or sold my hot wallet contents earlier.

My coinbase got hacked today. I got a message on my phone saying that my password had changed. I attempted to follow instructions to stop it, but by the time I had, it was too late and the theif emptied out my hot wallet. The only saving grace was that coinbase has vaults which give 48 hour delay. I wish that I would have transferred more coins to the vault as they were protected. Coinbase has some serious vulnerabilities, but whoever the thief was was able to login from my IP and was able to login to my email despite the fact that I had just changed my password. Be careful out there. Cold wallet your coins.