(no title)

The issue was with how they handled the public disclosure of the hack. Instead of immediately alerting their clients that there has been an issue (so that - as you say - people could take mitigating actions) they stalled on giving information and tried to cover up the whole fiasco. This should give people ZERO confidence in their moral integrity.

If you run a service like Linode or DO, you need to provide certain guarantees on disclosure of security failures and maybe get an externally audit from time to time.