It seems like you guys are minimizing what happened a bit. First of all, if they got a list of all of the email addresses of your users, they then have a great hit list of sites to go through and hack right?
Second, it seems pretty likely that this vulnerability affects more than the single version listed on your site.
Third, has anyone at infopop gone through and done a security audit of the code?
[This message was edited by lumpy on 30 Jan 02 at 07:24 PM.]
