I have sent PMs to a few of the people above but here my official response is.
Sorry, but I’m not going to share a link to the info just because I would prefer for less people to know about it. If you have purchased from IO your: full name, address, phone number, email registered with them, paypal email, paypal transaction ID #, IP address, shipping option, currency paid in, and a encrypted version of your password are all on it.
Yeah, this isn’t good. I just Googled and quickly found a 32 megabyte SQL dump file of what is probably their entire database, still available on their site.
I just edited their BLF rating page and removed the “Recommended” badge…
meh…. i should probably change all 308,938,392 of my online passwords now right?
its been a while since i changed everything… i dont use the same thing for everything though… i recently changed my intl outdoor pass because i forgot it … but who knows when the sql dump is from
Well that sucks, I didn’t use a password that is used elsewhere and my info is all over anyways… I’m not really worried but it’s still disheartening to see this happen in what used to be a moderately trusted business. Such is the reality of the web nowadays, things are never completely secure (Which is why I’m never completely trusting, least here on the webs).