Poor monitoring, shareholder plaintiffs said, led to “one of the most devastating cyberattacks against the United States in history.”