OK I think I get it - so the hacker(s) simply "broke in" to the server (this is the breach) - took the key(s) and started to transfer BTC assets from the Bitfinex wallets using the illegally obtained key(s). Is that close to the thing you explained? And therefore, since the correct measures of processing was used (keys) no ripple or trace of false identity is possible. And ownership of any BTC or Satoshi can be changed between to key holders only - and that change is added to the block and therefore verifiable.
A little like if my brother took the key to my safe, takes my 50$ and spend it and I later went to the shop where he spend it to claim it back. And I don't get it back...
Thanks a lot for taking your time explaining the nuts and bolts of the theft!