No, it was not a bug. CoinDash wallet was changed to hacker's wallet on the website where the company was accepting ETH at ICO stage. This lead to deposition of ETH to hackers account. The current transfer of money is directly from that wallet to CoinDash's wallet. So there is no bug, it was intentionally done. Cybercrime branch is monitoring hacker's wallet address to see any possible future suspicions activities.