I’d suggest that WiFi is the red herring, really. Email addresses of all users were available, paired with WiFi passwords. The hack would be that some (very few) people would use the same password for WiFi as they do for all their accounts, at which point the breach is a lot more dangerous.
Mistakes happen. I think it’s equally fair to be tolerant of the error or to flip out over it. If I were using the same password for WiFi and email, I’d be very annoyed, even though my choice to do so would have been poor. My poor security would be my fault, but the breach wouldn’t.
I’m feeling tolerant of this one only because it wasn’t an executed hack and my email address / password isn’t currently in Russia / China (probably), rather it was a reported vulnerability. Luck.
Discussion on the NDSP Discord suggests that this security hole was reported to Neural three months ago. What’s the truth?
From your job history it didn’t sound as though this was your first day on the internet. Welcome! 