That's scary. I wonder if incompetence like that could lead to a lawsuit in the case of a breach.
At this point I wouldn't be surprised if there exists a system that just asks for username with a checkbox "check here if you are the owner of this account"
At this point I wouldn't be surprised if there exists a system that just asks for username with a checkbox "check here if you are the owner of this account"