No, it does protect against that. If an attacker breaches the exchange, they cannot place trades on behalf of a user unless that user makes a trade after the exchange is breached. That's the key point here.
You can't protect afterwards, given that the exchange must be able to easily move coins around and must be able to transfer coins when an exchange match is made. The alternative to this system would be for the exchange to wait until the user transfers coins from their Bitcoin wallet and then wait one hour before the trade actually takes place, which is not an acceptable system for an exchange.
There isn't another way that the exchange can have the private key as needed, the information to use the private key for signing (such as decryption information), and still not have an attacker be able to observe those variables.