Neo_Truths - The truth...

[I_royalty_I]

I agree with what @(you need an account to see links) said and also, I don't think they have access to credit card info etc. because those transactions are all handled through a totally separate site, that was https loooong before the rest of the site was. That's why when you do those transactions you have to login separately. So it's not as severe of a security issue as that, and probably not as much of a legal issue.

Oh also, when the breach access was being sold earlier this year it was not advertised as including cc info, and i think that was the same entry point as 'nEo_tRuThS' has so I don't think it's that level of security.

Anybody handling any sort of credit card data has to go through some sort of PCI compliance requirements. That data likely isn't handled at all by them and there's more than likely a third party sort of thing that manages it. I don't trust them, and I doubt they trust themselves, to keep a database of credit card information. There's poor judgement and security polices... and then there's just stupid lol

Account pins are another thing that is stored somewhere different than the normal user data. Not sure why that is or where/how they store that information - but it's compartmentalized to a degree. All things considered, the breach wasn't TOO terrible and the site will be fine. I'm sure there are some interesting pieces of information regarding how certain things function on the site though within that source code.