I agree with what @
(you need an account to see links) said and also, I don't think they have access to credit card info etc. because those transactions are all handled through a totally separate site, that was https loooong before the rest of the site was. That's why when you do those transactions you have to login separately. So it's not as severe of a security issue as that, and probably not as much of a legal issue.
Oh also, when the breach access was being sold earlier this year it was not advertised as including cc info, and i think that was the same entry point as 'nEo_tRuThS' has so I don't think it's that level of security.