Maybe only a few would have considered the possibility of a commercial site dealing in tens of thousands of dollars in value every day as not having the basic sense to have offline backups, and not give out root passwords to anybody who stops by THE FIRST TIME.
When a similar, and highly suspect repeat happens a matter of weeks later? Every single person who sent a penny to this service should have been thinking about it. And given the history of the brain trusts that think profit can be fabricated from thin air, I suspect that there were a considerable number who actually were PREDICTING a similar failure, and not investing in this shaky gimmick.
The worst thing is that Bitcoinica Consultancy has actually stated that they believe that their decision to make fixing the code their priority was the correct one
in spite of this happening - implying that fixing the code and ensuring that their servers were secure were mutually exclusive options. It's inconceivable to me that after the Linode compromise they chose one of the cheapest shared hosting options with Rackspace and that they didn't regard redundancy and being able to
shut down access to the server if it was compromised as critical. They made these choices
after they'd performed a security audit which should have revealed that their servers were still vulnerable.
And yes, I think that many users only pay lip service to the risk of losing their money when they place it with Bitcoin service providers. How many times do hacks, scams, account freezings and outright thefts need to happen before people stop being totally blinded by potential profits and accept that few of these services have sufficient resources to absorb significant losses and that many of them are one critical incident away from being insolvent?