no company really cares about security, until it is to late. security costs a lot of money.
you have to pay skilled personal and hackers.
There will be always some vulnerabilitys, even when it is in controll of the goverment.
On the other hand, if an exchange never got hacked it begins to look suspicious, as if it had been set up by the hackers themselves and were going to run away with your money in the nearest future...
I don't know what happened at Polo (if anything happened at all), but I can only repeat:
it is not a question of if but when an exchange will get hacked, go bust, or just plain ole run with the money