Responsible Disclosure?
Yeah right here you go - I have identified a flaw in security access to a type of entry system based on RFID cards. I go to the supplier who slaps a court gagging order on me and sues me to death to keep it quiet, they fix it (eventually) and no-one is the wiser. That is what will happen, all that has happened here is the notice was so short they couldn't react without publicly displaying their panic.
If Companies release insecure products or don't test them (including ongoing) then the "public" in the guise of MIT, Hackers, whomever will. Don't get a girly toot when they then publish a flaw you can't be arsed to fix in advance!
Cake and eat it pops to mind. If you are in the security business then you must be secure!
Blame Microsoft they introduced the strategy of public beta testing of their products! you break it we fix it! ...every Wednesday (ish)