That is some amount of information, so there is some value in concealing it. It has the downside of removing accountability which I think is more valuable than a trivial amount of information.
Not exactly. A timing attack relies on targeting an ongoing process. If you disclose after the investigation is complete, then there's nothing to attack.
In your analogy, it would be closer to someone logging and then disclosing the fact they had logged in at some point (years) in the future.
(FWIW, I am not a security researcher, but I've heard about how these things work. Would love to be corrected if wrong. :) )
Considering there are people sitting in Guantanamo and elsewhere who haven't been charged with a crime, "after the investigation is complete" could be decades.
