Why? They are in a very specific business and have more incentive to cover up successful attacks than most other companies.

And while I'm 99% for Hanlon's razor here, I don't see a reason to be sure it wasn't even a completely successful DoS attack.

“Our employee pushed bad code by accident” is VASTLY better for them than “we didn’t secure the infra that pushes updates to millions of machines”.