Some pool is probably exploited and doesn't know it. There have been several sites that have previously disclosed intrusions. Where else did you use your mtgox password, you must discover the source of the hack (and not use the same password twice!)
Yeah, learn from mistakes eh? I thought I did that when I learnt the importance of backing up stuff. (oh, better reset passwords to the backups too, hehe, j/k)
Anyhow, it's probably too late to bait them which is a bit annoying. I've tried and asked Mt Gox for info around the 2-3 failed logons to see whether they can supply the passwords used or the hash generated (assuming they don't store passwords in clear text). I wasn't surprised when the request was denied - until I have filed a police report.
*boggles mind*
