Re: does someone want to clue me in here

Bitcoin is completely decentralized; payments are done to public keys (i.e. there are no "account"s) and transactions are stored in a public database, so you may know the public keys of the perpetrator but don't have any other info (apart from what you can gather from the actual intrusion).

Another way to put it would be, you don't even need to be online to receive bitcoins, and you can also create a public key (or rather a Bitcoin address) without ever being online.

You would need to actually create transactions yourself in order to spend coins though. So, what the thief would do is, bounce the coins through a multitude of addresses they control and eventually sell them to unsuspecting buyers. Although every transaction is traceable, the original coins will be spread to so many addresses that it's very hard for a buyer to keep track.

Also, there is plausible deniability, because, since coins from multiple inbound transactions can be merged, the propagation of coins is divergent. Pretty much like the fact that there is at least one oxygen atom in your body that has been passed through the bladder of Socrates. You can increase deniability by mixing tainted coins with clean coins and then pretend that you got a hold of the tainted ones by accident. It's very plausible. There are actual hidden mixing services that would do all of this for you.

This all may seem like the wild west, but there is another aspect of the technology and the philosophy behind it that one needs to take into consideration. Bitcoin's primary aim is to do away with the need for any kind of centralization. The obvious drawbacks are that there may be times that you would wish that an authority were present. So the ongoing development is focused on addressing the circumstances that this happens. Bitcoin itself is actually a decentralized notary system, and different kinds of transactions are being developed in order to require complex rules to redeem coins. When this happens, it will considerably reduce the risk of theft, and also enable contracts that doesn't need an actual regulatory agency to enforce.