$500 million -> optimistically 2000 developer-years, assuming no budget for hardware, management or profit.

I'm not saying someone didn't mess up or that the security breach wasn't preventable, I have no knowledge of that, but I hope no one on HN is surprised that building a site that on the frontend handles traffic from a significant fraction of the US and on the backend interfaces with basically every insurer in 30-some states is something that might take hundreds of developers a few years to develop.

(Which again, is not meant to imply that there wasn't any waste or that the project was completely as efficiently as possible, but when people say they could have done it in a quarter with 5 people, I say, what is wrong with you?)

It sounds like that’s irrelevant because the problem was compromised accounts using the system:

> On October 16, 2018, we found that a number of agent and broker accounts engaged in excessive searching for consumers, and through those searches, had access to the personal information of people who are listed on Marketplace applications.

Zenefits raised $583M to build their platform... So to first order: seems reasonable.

No, but you see, shareholders may eventually profit from that. But if its publicly funded and the public benefits, its a bad thing because how can capital get some sweet returns in this scenario?