That’s very unfortunate. 
-
Did you already start working with law enforcement? Might be worth, as the exploiter’s account has received some ETH initially from another account that has interacted with CEXs, so high chances to identify the exploiter.
-
We should probably get both accounts (Safe and hacker signer key) marked on Etherscan.