Great timing with the post noisy, this one rings close to home for me. I'm only disappointed that you guys didn't get to my other account first @ricardoguthrie! The same exact thing happened to me and I was kinda embarrassed and felt stupid about the whole thing so I'm kinda relieved that other people actually made this mistake too so I guess its not so stupid after all. I didn't really have a lot of steem so I didn't worry a lot about it initially. Anyways submitted a request using the account recovery tool and It has been several weeks and nothing! I just have to watch as some dishonest person transfer away my beloved steem every week while I wait for someone from HQ to rescue my account!

So here is the suggestion:

As soon a Steemian notices that his/her account has been compromised. They submit a request using the account recovery tool (with valid Account name & recent password✓).

I think it could be useful to create an algorithm that automatically blocks transfers associated with the compromised account in question once a stolen account request was initiated with a valid username and recent password.

This could mitigate against the loss of hard earned steem/sbd during that window right after submission of info to the time when HQ actually gets to it.

The percentage of users that is affected by this is quite low so I doubt it would be feasible for the developers implement this in the framework.
But It just makes a lot of sense immediately block all transfers on any disputed accounts until the account owner can be verified.