> Your central point is without merit. The "victim" is a victim, not of MtGox, but their own poor decisions.
Their decisions may have made themselves vulnerable to the attack, but (based on the information provided) they are a victim of a third-party that is neither the MtGox nor themselves -- that is, the people that actually used the malware to steal the BTC.
Their decisions may have made themselves vulnerable to the attack, but (based on the information provided) they are a victim of a third-party that is neither the MtGox nor themselves -- that is, the people that actually used the malware to steal the BTC.