Just throwing a random thought out there regarding the social engineering aspect, especially since DiceMiner doesn't seem to be the only one that's been having a lot of BTC stolen recently.  The possibility that somebody behind another large site, whether it be an exchange, mining pool, etc. could be logging BTC addresses & passwords for users and attempting them at other sites the user is associated with.