They had a SSL certificate on their site, so I suspect the traffic was not being intercepted and decrypted on the fly (as this is hard work, vs brute forcing admin credentials). That leaves...
Type: Posts; User: quentin
They had a SSL certificate on their site, so I suspect the traffic was not being intercepted and decrypted on the fly (as this is hard work, vs brute forcing admin credentials). That leaves...
They 100% stored credit card details, and I would not be surprised if your FAL and home address details were also stored in their database. In the wrong hands, those details could be a lot more...