They absolutely SHOULD; but they absolutely WON'T because they don't even think they did anything wrong (as opposed to CloudFlare who hangs their hat on the mistake).

Companies commonly claim security/anti-fraud, then refuse to explain their actions, claiming (again, without evidence) that justifying themselves would help fraudsters in some way.

But really this has nothing to do with anti-fraud, and everything to do with duopolies out of control and weak consumer protections doing nothing to push back.

That's why Google, Apple, and Microsoft are notorious for this.