Old topic, but still worth discussing.
FWIW, webOS was also very secure. Like Windows Phone, some of that comes from being relatively small compared to iOS and Android. I dare say Blackberry, Ubuntu Touch and Sailfish are secure.
The divergence from the other fringe choices for Windows Phone is a focus on device security. Having spent time on webOS, Ubuntu Touch and Sailfish, I can say that there are definite avenues of hackability. A more open OS and general sharing of permissions between the core and Apps.
With Windows Phone the strict limits of what a 3rd party App may do, see and affect has intentionally bolstered security. IMHO, it has also turned off a lot of developers. The "hackability" also makes it easier to code Apps that have broad system effects that a more closed system simply does not allow.
It's a trade off.