The first thing you should do is to change your password into something secure and write or store it into some secure place. Next thing is to avoid, as much as possible, clicking some emails into the email that you used in registering into this forum. Next is to be sure that you won't post any of your personal info of yours in the internet; hackers could definitely use it against you in some attempts of attack and/or blackmails. If you used the same password in this forum to another online site, change them so as to minimize the risks of getting those other accounts compromised.
He should also change all the password (of various accounts on the exchanges, etc...) if he used the same one for all the accounts (a bad practice). You should change them quickly if you want to save your 'internet identity). However is really 'fun' that with a simple attack you can ruin a lot of things... was it really a soc. eng. attack?
I'm not quite sure whether it was a social engineering attack or not, but theymos stated on twitter that it was one.
https://twitter.com/bitcointalk/status/601556710130515969
--
Yep I forgot to include that you should also change your passwords quickly if you want to make sure that you still have full control over your online accounts.