If someone had their masternode coins stolen it was probably due to poor security on their box.
With almost 400 masternodes I'd be shocked if someone didn't have their coins stolen.
For people's peace of mind, I still think the private keys should never need to touch the masternode. All thats needed to validate ownership of coins is a signed message. The user should be able to sign a message using Darkcoin QT on an offline computer and then transfer the signed message to the masternode using a USB drive. This signed message contains all the proof that the network needs for authorizing the masternode to receive dividends and process darksends.
The point of doing masternodes this way is to weed out people who have no business supporting a mission-critical targeted service... If you don't know how to protect your box, then you shouldn't be doing it. But, greeds drives people to do stupid things they haven't the skills to handle... It's rampant in corporate IT. NEver want to spend money to do it right, just spend enough to make it barely work...