I think the solution could be to have all incoming and outgoing transfers require 200 confirmations. That would give everyone time to stop the hack, once unusual activity is detected.
There is this rule that you can't withdraw more than your account balance and still they took 120k btc so what makes you think this rule would stop hackers?
So this would only make it uncomfortable for normal users.