The bank account is the responsibility of the bank, the employer of these "strangers" you're talking about.
Whereas, of course, the reason we're discussing SIM attacks isn't that some bad guys might use your monthly download credits, or make a phone call that you pay for (the phone company would of course undo these charges once it was apparent that their employee caused the problem) but instead that this can be leveraged to gain access to all sorts of accounts your phone company has no responsibility for whatsoever.
The security was totally appropriate for the scope in which it was intended to be used, but that doesn't make it magically appropriate for all possible scopes.
Whereas, of course, the reason we're discussing SIM attacks isn't that some bad guys might use your monthly download credits, or make a phone call that you pay for (the phone company would of course undo these charges once it was apparent that their employee caused the problem) but instead that this can be leveraged to gain access to all sorts of accounts your phone company has no responsibility for whatsoever.
The security was totally appropriate for the scope in which it was intended to be used, but that doesn't make it magically appropriate for all possible scopes.