I would say the risk of identity theft for over 150 million people justifies some preventative measures. And yes, there also were hundreds of lawsuits.
Not to mention the various dating app leaks that led to extortion, suicides and leaking of medical information like HIV status.
And not to forget the famous Therac-25 that killed people as direct result of a race condition.
Everyone in business is move fast and break things and let people die if it's cheaper until regulations force them not to be. Software is just new enough that mostly doesn't exist yet.
Systematically violating people's privacy while not caring about protecting their data is not culture, it's called a problem.
Perhaps they could move even faster and scale better by collecting and storing less data. Moving forward fast instead of moving frantically while looking for things to break seems more reasonable to me. But then again I'm not the kind of person to become a billionaire tech CEO who's unironically bragging about being called the Eye of Sauron, so what do I know.
https://en.wikipedia.org/wiki/2017_Equifax_data_breach
Or how about four suicides and 900+ wrongful convictions?
https://en.wikipedia.org/wiki/British_Post_Office_scandal
Not to mention the various dating app leaks that led to extortion, suicides and leaking of medical information like HIV status. And not to forget the famous Therac-25 that killed people as direct result of a race condition.
Where's the threshold for you?