Because Cloud != open and public necessarily.
Perhaps not - that's why there's Spideroak and a few others whose MO is storing data on someone else's hard disk, but not the means of accessing it. It may well be possible to use Google Docs and OneDrive and Docs.com and Dropbox securely, but while it's possible to point to individuals and organizations who have had data compromised inadvertently, it's far less common for that to happen to data kept internally. "Default Distrust" is not paranoia, it's a response to reality.
And this is just an example of that. Only documents which were set to public were shared.
Now why the defaults on cloud providers don't err majorly on the side of caution is another story,
I'd argue that it's the same story. If the issue that documents needed to be set to 'private', rather than being set to 'public' without a default-private setting, the distinction between incompetence and malice is basically academic.
but as always there's more too this than "cloud bad hurr hurr hurr"
The cloud isn't all bad, but there do need to be very heavily leveraged expectations.