Interesting discussion in all the comments: A lot of you have made a good point, why should Steemit stick its neck out for the hacker? I guess this is what happens when you hack a law firm. The law firm is going to sue whoever they can -When you have a hammer the whole world looks like a nail. And when you are a law firm, the first inclination is to sue. It should also be pointed out with steemit had significant layoffs and is not exactly in a financial place to fight a lawsuit. Lawsuit's get very expensive fast -racking up bills of $250 to $500 USD per hour. One has to think about -if you were the executive, is this where and when you want to fight? A lot of winning in war is strategically engaging the enemy when the odds are on your side. From Steemit's perspective, this is only going to bring bad news and bad attention and is not what any Public Relations professional would want or Middle Manager wants to deal with. Steemit has much more pressing problems.

There are things that should remain private. Hacking is against the law. They may have tried to get the simplest and easiest out. Almost every platform out there has had to deal with these same issues.