It's not that "dishonesty doesn't matter" it's that you really shouldn't expect a company to go out of its way to call attention to its own screwup. They only want to bring this to the attention of people who need to know for security reasons, and they directly emailed all of those people. The sole purpose of the blog post was "oh, in case you heard about a security breach, you'll be happy to know that we've mitigated the problem. Aren't we doing great?" Even if you think the answer is "no," there is really nothing dishonest there.
