Your website sent me my password.
Our security is not something to be proud of - but we have some layers of protection. We do not store any sensitive information for our users like credit cards, home address e.t.c. Only username and passwords. The website form you were using communicates to a secure database on a separate server reserved for all the user info. So payer info is not stored on our website like you`ve assumed.
Could we make security better? Given time yes. But is it worth the investment of time and funds that our team can spend on making the game better? Amateur hacker migght not be able to get the info, someone much more advance - there is a chance, but all they can get is separate entrees of username and password - that hold no real value, other than the small % that someone uses the same username/password somewhere - but most people pick unique in-game nicks, and there is no good way to track this, as we don`t even store user IP.