Who cares if people can do mass recovery though, since they can't access your e-mail it doesn't do anything? That's why all those e-mails just say if you didn't request to reset your password just delete the e-mail. Not exactly a big security flaw.
Okay, I admit, I put this OP and thread in simple and broad enough terms.
What I was saying was: If your old email password is still the same as it was before reclaiming your account, change it.
If you did not, you are still at risk of whoever may have gotten into your MtGox possibly also having your email password(if, for example, you used the same one for MtGox or it got bruteforced/guessed then already).
Again, I love how the common reaction is "Fuck you for trying to prevent theft and warning people".