Absolutely right. "Who" may be unimportant if the hackers simply picked you out of the phonebook, so to speak. But how can you know whether it was a random attack or not if you don't bother to find out?
A significant number of attacks must either be inside jobs or competitors seeking an edge. In which case, "Who" is arguably more important that "How".