This is the 3rd MtGox account I've heard of that's been cleaned out in the last week. A new vulnerability, perhaps?
None of them had two factor auth. If there is a vulnerability on Mt.Gox itself I think I would hear more bad news... The botsnets of this world are seriously big. I think more and more bot masters let their bots harvest BTC related data.