Whose fault is it?
> millions of people who are justifiably concerned about their private information
Is that the fault of the hacker, or the host company that cheaped out on bad security?
Since the sanctions were probation and an $80m fine, respectively, it seems to me that the judge's message was clear - if somewhat naive the sentence he imposed was based, in part, on his belief Thompson will not commit further crimes.
As it is, a fine of $80m for losing the data of 100million people sounds remarkably low. That places a value of only 80¢ on each person's "justifiable concern about their private information".
Shall we see the company making good the $250million of damage done? Or was that an exaggeration for effect.