Yes they were because of multiple reasons:
10 years ago Internet had started spreading fast. Since it was a new technology people started adopting it like mad (at least in India that was the time when people started getting crazy about it). But little did they realize that with technology came bugs. A lot of it was replicated into many systems. Those who made Internet never expected Internet to be used the way people started to use it. Banking, ticket booking, form applications, INTERNET started getting everywhere and so did the bugs. As these bugs started surfacing up, it became impossible to patch them up completely . These bugs were exposed on Internet for everyone to view and try them for free. People did start trying. Many countries didn’t even have a formaly cyber security laws in place at that time.
Even though https was formally specified in 2000 itself, its widespread use started only in around 2008 when facebook started pushing it (as far as I recollect, correct me if wrong).
This is when everyone started hacking Facebook, Twitter 😀 – so by 2010 every major site had to shift to https.
Moral of the long story:
Internet was not made for what it is used today. Noone knew that Internet will be what it is today – it evolved and evolved fast, so did the technology. Mistakes were made and we learned from our own mistakes. Internet today is much safer than it was anytime before.