Is it? How much would the security necessary to prevent this have cost them over the years?
Much less!!!
Most big improvements in security comes from small, cost effective changes that come along with a change in mindset.
There are some nice tools that cost a boatload of money but most breaches are because of sloppiness and a very lax attitude towards security, not because they didn't have the fanciest tool to automate logging and reporting.