Devs leave back doors, hackers have mad skills, servers have admins, etc.

Absolutely, and I'm not 100% we've seen the end of this due to the above.

Utopian have handled it pretty well, it's a huge hit for them as the hacker/s wiped servers and destroyed backups. As I mentioned, there has to be trust in at least one other person and normally more in business - a solid employee turned major rogue is I guess one of the biggest risks (with low possibility) on the matrix.

Phishing has seemed to increase, pretty low-life imo and it is a case of user education as you say that can help keep damage at a minimum.

Cheers.