More work. Since the users don't care about this breach anyway (which is why it hasn't been solved yet), it's not worth the developers' time.