You should enable SMS authentication and Google Authentication. You need 20 points to be able to send coins out that way - so they need access to your sms AND your google authenticator app. Coinjars SMS is an added free service. IF you put 2 things on, thats very secure - and then its coinjar's fault as they cannot blame you.
They should be able to give you an IP log of who accessed your account - send that as a ticket. If they dont - you can do a police report and sue them for negligent perhaps as they failed to give you supporting information in regard to your theft. They Police can have that power to send them a request for information if coinjar do not give it over to you.
In terms of making btc - just offer your service like how you do with Dollars. Give people value, and they will give you money back.
Read Tim Ferris's blog - that guy is awsome at making passive income.
http://www.fourhourworkweek.com/blog/I know this sounds harsh - but let it teach you a good lesson on how to keep your money safe. The power is on your side now...think of it as a learning curve and focus that energy of yours into making money.
I've lost a lot of money on many things in the past.