Hi, I'm the guy who's pretty much responsible for all of this, but I just wanted to clarify a few things.
> Yet another company with a far too relaxed approach to security
I don't think we have a relaxed approach to security, we do our best to take it as seriously as possible. Sadly, we have only 3 programmers, a large legacy code base and generally insufficient resources. As we provide public data dumps anyway, it's unfortunate that mistakes can become as magnified as this one, but it did happen. It's not a reason this should of happened, and nor is it meant to be an excuse, but I don't think many people are aware of this.
> What bothers me though is that they discovered this 2 weeks ago and I'm only hearing about it now.
Yes, I've worked night and day to try and get the work necessary to even sand these emails out for the past fortnight. We've never had to do mass mailing like this, so we simply don't have the infrastructure to send the emails. Again, it's not really a reasonable explanation, but that's why it happened.
Hi there, thanks for taking the time to reply. I appreciate the effort involved and apologise for my harsh words - I've just been a little frustrated as it's getting to be a weekly occurrence that some company loses my data / password / credit card details.
Amen, I'd like to push the blame on the fact that we still even have to deal with passwords and stuff in this day and age, but that's hardly putting a better suggestion forward :(
> Yet another company with a far too relaxed approach to security
I don't think we have a relaxed approach to security, we do our best to take it as seriously as possible. Sadly, we have only 3 programmers, a large legacy code base and generally insufficient resources. As we provide public data dumps anyway, it's unfortunate that mistakes can become as magnified as this one, but it did happen. It's not a reason this should of happened, and nor is it meant to be an excuse, but I don't think many people are aware of this.
> What bothers me though is that they discovered this 2 weeks ago and I'm only hearing about it now.
Yes, I've worked night and day to try and get the work necessary to even sand these emails out for the past fortnight. We've never had to do mass mailing like this, so we simply don't have the infrastructure to send the emails. Again, it's not really a reasonable explanation, but that's why it happened.