http://forum.bitcoin.org/index.php?topic=19221.0in short:
did not reuse password.
did not use email during registration, instead wrote down login/password to keepass.
brand new mtgox.com account.
funded it with 50.56 and after 3-4 hours unable to login to site.
it could not be hacked from email, since email was not used during registration.
no trojans found and computer was offline.
did not visit any websites in between so recent CSRF issue did not affect me.