Welcome to the club, we're growing in number quite fast by the hour. Unfortunately don't expect much sympathy from some folks around here as they think that we're all idiots that use passwords like "lolpassword" and click on every single ad banner and open every email link we find and buy gold willy nilly.

There is, as you said, NO easy fix. I'm going on day 7 without any word whatsoever from SE. Talked to them twice, once via phone and another via Live Chat. I wouldn't bother utilizing either as they're honestly about as useful as a condom with the tip cut off. Some people have stated they got an email stating that the account was being accessed from an unfamiliar IP address, but those are sporadic and seems to be a very few amount. Some even say they had a Security Token on their account and STILL got hacked. I have no reason not to believe them either, they have my sympathy. I just hope that SE gets their head out of their ass and realize that there is something tremendously wrong and it needs to be resolved soon or they'll be losing a lot of customers due to their continued lackadaisical methodology.