I also got an email this morning.
Why do sites such as these still persist on having some personal information unencrypted - why not encrypt ALL personal information? (email, passwords, etc).
Is it really such a big deal to do this?
Obviously, if they get hold of the 'key' then that's another matter (but maybe allows for more trackability for such investigations).