[baz00]

Yes. No one really gives a shit if their vendors are hacked. They are just happy that they have someone else to point at from a risk perspective. "They had all these third party certifications that said it was safe. It wasn't our fault.".

This isn't really the right approach because it really shows that you don't give a shit about your customers either and only care about covering your ass.

[itsthebiz]

Companies pay lip service to idiots to collect cash from said idiots. Mentioning this tends to make the dumbass business goons have a frowny face reaction. (It’s better to pay lip service than admit one is a morally adrift turd)

[JohnMakin]

That works as long as a breach like this doesn't destroy your entire business.

[baz00]

Don't think they have that level of foresight.