Despite the fact that zetaray didn't see the fact that the private key didn't change, his point was sorta right.
It is already possible to completely secure an account by PMing your public key (BTC address or PGP pub ) and then signing a message with it to reclaim your account and reset email and password.
I doubt a noticeable number of trusted accounts have changed hands, so this is not as pressing an issue as it could be.
Not quite true. For example, there was a case recently in which an account seemed to be hacked. The account then was purged of all bitcoin addresses / pgp keys and then sold to an account reseller. The account reseller sold the account to another person.
The account reseller and other person both argued that the account wasn't hacked and it was the original owner just trying to claim back the account. Now in either case, all the original owner would be able to do is revoke the trading history.
I don't know, it seems as though there already were a few rather trusted accounts that traded hands, but the original members are still around.