ample time, money likely the excuse
If I read the statement of Nijmegen University (which btw is on http://www.ru.nl/home/nieuws/icis/radboud_universiteit/, the URL in the article is invalid) the researchers had completed their research to a stage where they could safely sound the alarm in March. "Because of her responsibility to society the university has immediately and confidentially notified the national government and NXP of the results of the independent investigation into the Mifare Classic Chip. Upon which the minister of interior affairs made the problems with the chip known and indicated the university would, in due time, publish the results." is a rough translation. The statement continues that the researchers very consciously didn't reveal any details about the flaws in the chip to give stakeholders, among which NXP, the chance to do something.
So that's one thing: responsible disclosure would seem to have taken place.
Another thing is I recall reading about the national outcry over the chip issue (mind you, this whole chippifying of Dutch public transport tickets has already cost an amazing 1.000.000.000 EUR. Yes, that's 9 zeros) that after the tendering procedure the Dutch government deliberately chose the flaky chip on the ground of it being cheapest. Duh. The articles appearing at that time clearly indicated NXP has a good replacement.
What I guess is happening here is NXP desperately trying to put off the moment at which they really need to end-of-life their Mifare Classic chip. My assumption is that they are still making an interesting amount of money from it. Sudden EOL is not really a cheap way to phase out that product, I can imagine. Now if I am *not* cynical about corporate human reasoning capability I am tempted to think they carefully weighed the PR risk of the trial against the financial risk they're running and went ahead with suing the researchers.
I don't believe this to be true however. I'd guess it will be a combination of seeing the prospect of a nice revenue stream evaporating at great cost, not understanding how the academic world functions (publish or perish, anyone?) and not understanding what motivates academic researchers to begin with (there is definitely a strong desire to simply do what is right for the greater good) and probably a nice dosage of corporate ignorance and arrogance ('s not fair!) that really motivates them.
To conclude my comments: I've worked with Mr. Jakobs and his team on several occasions and have experienced them as security researchers and academics with a very high degree of integrity and a thorough understanding of the sharp edges of security research, like disclosure. Kudos to him and his team and kudos to the university for supporting him in doing the Right Thing. And lovely publicity of course for all of them, academic freedom, furthering society etc. This is a really nice example of the benefits of having institutions like universities.