They've apparently had this key in use for more than ten years, and before this issue was widely publicised around 2010 or so a great many other major providers and companies around the world used similar-sized keys. No-one bothered attacking them, which means they served their purpose.

Also, using a small key like that means you're not pointlessly burning CPU cycles on something that attackers don't care about. So it seems like a win all-round.