Great point, there could be other ways to verify (without doxing). A huge downside would be that 'verified' Bitcointalk account can be sold/used in scam attempts ( making me reconsider my suggestion).
Yes, a hacked account with a 'verified' badge could be used to swindle more people and with greater ease than normally even if it got neg-repped and flagged.