It's possible he just didn't want to pay the guy enough, but . . . yeah. A brick-and-mortar bank hires a lot of appsec folks to review their code, for lots of money, and they at least have the legal system to fall back on. That's after they pay market rates for labor to write the code in the first place.

If I was in charge of MtGox security I would probably get an ulcer. One mistake and it's over, forever.