My understanding is that he actually withdrawn BTCs after buying them back - presumably he was not really prepared to all this and only made the hack by accident. Withdrawing dollars would be harder - because he'd need to transfer them via standard banking systems, that takes days and could be stopped on the way and also be much harder to hide traces to the real identity of the hacker. During his buy back operation the price was back around $14 - and this price was used for the $1000 daily withdraw limit - reinforcing the notion that he did not prepare the attack at all.