The problem is, that they are no different than any of the others that have been cracked. Every last one of them is running windows and have outsourced to India. Now, 30 years ago, when considering security clearences, payrolls were looked at. Why? Because if somebody was on clearence and had too low of a salary, they could be bought.
Well, the Indian coders are paid less than $10K / year back in India. All it takes is somebody from china, Russia, North Korea, Venezuela, Iran, etc to offer just ONE of them 100k (or 10 years worth of their salaries) to release a bug in the production systems. Of course, it is happening.
This is how and why these companies are getting cracked. What is really needed is for customers and banks to SUE these companies, and NOW. And not just the company, but the CIO and CEO for putting their data at this much risk. Once CEO/CIOs are looking being held personally responsible for their actions, well, things will change.
Issue solved.