There is a slight difference. If you're running a web server, this is a service designed to share your information with the rest of the world. If, for example, you have some data that is only accessible by typing in a URL--ie. you don't have a link to it--is someone "hacking" if they access it?
In other words, the analogy with physical security is a false one.
Poor security = no security. You are literally inviting people to read your data because you have not made a proper effort to conceal it.
If you don't agree with that, consider the alternative. We live in a world where half assed managers can simply rely on their lawyers, and bribing government lawyers, to sue everybody in the world to keep their systems secure.