@Jaybus, that is a very reasonable explanation as to why this might have happened. If I may add one more thing, though, it doesn't matter if is a startup or a big company... Universal attitude is that they aren't going to get serious about security, unless something really wrong to harm consumers happen. It's unfortunate...
It comes down to inadequate software QA and too much quick and dirty coding. Due primarily to cutting costs, and also to quick turn around times, coders are not given adequate time to actually think about what they are doing. This is particularly true when deploying the latest greatest processor with yet more new instructions, meaning that there will be delays in the hardware design, there may not yet be a simulator that isn't buggy, and even less time for coding and testing. There seems to be this attitude of "Don't worry. We can release new firmware after launch.". I think that is a poor approach leading to disaster. Good pre-launch softwware QA is the best way to avoid trouble.
@Larryang: Thanks for the link. AKaren's question of how the FTC took ownership of this issue...and what it will do with it next is an interesting one.
Here's an excerpt of what the FTC commissioner will say at the NYU event:
"Commissioner Brill ...believes [Big Data] presents fundamental challenges to traditional notions of individual privacy. She encourages the highly decentralized community of Big Data purveyors to adopt practices that follow laws that already govern the way data can be used and calls for industry to engage in robust de-identification of consumer data."
Few weeks back, there was a news about Facebook CEO Mark Zuckerberg's Facebook A/C was hacked by a security researcher from Palestine, who reported a security hole in Facebook. Was that authentic news?
The more & more "things" get connected around the world, for sure security is the most important part and there are lots of opportunities for the security professionals and so called ethical hackers as well as lots of challenges ahead as the threats are also going to get increased multifold. The fear of threat makes me to think twice before sharing any personal info on the web.