[michaelbuckbee]

If it's any consolation, the entire industry was in that state: poor controls, poor encryption, and security, etc.

[a2tech]

"was"? It still seems like a confused mess with lots and log 'security' that people ignore

[michaelbuckbee]

Sure, there's always room for improvement, but at the very least SSL/TLS is ubiquitous now, there actual TLS versions are much better, developers generally view holding onto CC data directly as toxic (the growth of things like Stripe checkout, etc.)