This CNN article talks about one of their reporters being hacked --- at his request --- & shows how hackers can exploit service providers & use information you share to get to you.
Which brings me to the subject of the post --- whose responsibility is security?
As a service user, should my service provider take a hit, I'd be affected as well.
Be it information / identity theft, service unavailability, fraud, etc., if I'm going to be impacted, I would want to ensure my security.
P.S. There's really nothing new here, so this board may not be the place for my post; @Kaity, please move it as needed.