Re: "Roth had notified them about the hole via Twitter"
I'm definitely more "security researcher" than "security professional," and on several occasions have notified firms of vulnerabilities and abuse by Twitter...when emails, phone calls, and other more orthodox channels of communication have been ignored.
Sometimes, public shaming works where reasonable discourse doesn't.