Hilarious story. If you put the password in the page, it’s not exactly hacking for someone to enter your “secure” site. To add to the hilarity, they’ve left the insecure login method in place and merely changed the password (view source here). Sigh. To make matters worse for them they’ve hit the home page of Digg just now thanks to Mr. Baby Man…oh man. They’re about to lose their heads at the “breaches” of “security” that will now flow.
I’d also add that if you learn that a prospective customer has contacted your clients and your immediate reaction is shock and horror…you’re doing something horribly wrong in business.
I hope they didn’t pay too much (ie, more than $3.50) to whoever “secured” that site.