So if we allow you a pass because you were hacked, then literally everyone could scam someone and just claim they were hacked and get away with it? There's no way to prove whether a hacker scammed or not. There's no way for staff to "try and figure out who is a scammer and who isn't" when there's no information that can be admissible.
If you can come to an agreement with the person scammed, then that's fine. But by rules, you're responsible for what happens on your account. You should have notified you were hacked prior to the scam.
Ultimately, you're responsible for whatever happens on your account. If it was an impersonator, it would be a different story.
Anyway, it seems like you did end up coming to a solution with the person who was scammed.