I don't call out compromised accounts either but I do call out the methods that got them compromised and activly look for new exploits with the sole intention of having them patched... Make of that what you want. I like to think of it as strategical white hacking haha.