TypePad does *not* have the security holes that WordPress does.
Dan, you say, "Still others guess that the miscreants gained entry through the victims' blogs, which typically used blogging software from TypePad and WordPress. Those programs have routinely been found to contain gaping security holes."
This is false, and you should know better. The results from the Pwnie awards to the IBM X-Force report to the U.S. Department of Homeland Security's reports all list WordPress among the least secure applications of any kind, not just web apps. TypePad is nowhere to be found on those lists, because it's consistently been extremely secure and reliable for our users.