I'd say to hire them...
If they're so good at what they did to infiltrate your corporate intranet & make off with hundreds of gigs of data, perhaps you should hire them to harden said networks from similar attacks? Then, if they decide they enjoy their new job, perhaps you can put them to work debugging your source code to remove all the security holes you've obviously missed.
Just a thought... =-J
/Snarky Sarcasm.