"Seriously, this was a SQL-Injection vuln and they'd been breached 2 previously documented times this year alone...."
And WTF did she mean about previous attacks being by 3rd parties? Which party were this lot of hackers from? 1st? 2nd? 5th column maybe?
I really don't know if she's as stupid as she sounds or if she's an expert at marketing bullshit and thinks/knows she's talking to technical illiterates.
The unfortunate first response in this country (and many others, we are not alone) when something goes wrong is to blag it and keep blagging it until the evidence is overwhelming, then to back-pedal and claim [insert new excuse here] even after being convicted.