Hacking an account, exploiting someone’s false sense of security is, in my opinion, a great example of where the security failures are really: in the humans.
I am sure; that EVERY account hacked in known history has been made because of the end users’ negligence. Giving their password to someone else, using a third-party application, using too obvious passwords or any other action where negligence was part of it.
Security starts with the end user and until they can fully understand, none of us will truly be secure.
Just my opinion (shared among those of us who hold many hats; white grey and black)