IMHO it’s only a matter of time until someone blows up a unicorn just for the thrill of it. That’s not something I’d support, but I won’t feel bad for companies that don’t pay adequate bug bounties.
As of right now, what is the lasting damage done to twitter by that attack? My argument is that it honestly wasn't that much, and thus bugs capable of that amount of damage aren't valued that much either.