If they have your wallet.dat file (which probably happened in this case), they don't even need to visit Mt. Gox to perform transactions.
The guy had a Trojan loaded up onto his computer where he stored his bitcoins. All this two-factor authentication stuff people are talking about is for `naut. He was attacked by a virus, and that virus stole bitcoins straight off of his computer.
The guy had a Trojan loaded up onto his computer where he stored his bitcoins. All this two-factor authentication stuff people are talking about is for `naut. He was attacked by a virus, and that virus stole bitcoins straight off of his computer.