Data aggregrators are big targets because pwnage allows access to lots of data that would otherwise take a lot more pwned targets to find.
The fact that these places got pwned (again) is not a surprise. Humans work there, and spear phishing is a popular sport amongst miscreants and is proven (repeatedly) to be highly effective. The fact that someone, possibly one of the sysadmins if they got access to the databases, fell for it is concerning as they are in the "should know better" category.
The fact that they were pwned for months and didn't know is only mildly surprising.
These places need to learn some real security.