I'm surprised I haven't seen this discussed here but there was a lawsuit recently where a customer's stolen credentials were used to transfer large sums of money from a bank.
The bank refused to cover the customer's losses so the customer sued and lost.
Short version:
http://www.wired.com/threatlevel/2011/06/bank-ach-theft/Details:
http://www.bankinfosecurity.com/articles.php?art_id=3705&opg=1Its possible there will be more of a move toward this in the industry.
One of the complaints about bitcoin has been that unlike a bank when your money is stolen you have no recourse.
If this case starts to set a wider precedent that could no longer be a valid argument.