It's very surprising news, who would expect Lightning Network protocol and client which are on development phase have security issue which could cause loss of funds 
Lol 
The fact that the loss of funds "could happen" but hasn't happened yet is more surprising
I believe the only reason why hackers haven't started looking for vulnerabilities in Lightning is because the rewards might be too small for the effort.
Its success, if it becomes a success with billions passing around in the network, will also make it a target in my opinion.