If their train software contains patches by cybercriminals that they were unable to detect but a third party hacking group without documentation were, how can we possibly believe that the train's software is safe? Surely the hackers could have put some other bugs in there.
Exactly. If they "fell victim to cybercriminals" who entered backdoors in the code (that they didn't know about for over 2 years!) then Newag should instantly recall all trains for inspection.
Contrarily, if they _knew_ about it, and didn't tell anyone, then it's even worse.
