so, it did not include password data, but included credit card info...really, i think the latter is to be more worried about.
It was encrypted - and most credit cards I've had expire after 2-3 years so even if they did manage to decrypt it wouldn't really matter.
i would assume that the password data would be encrypted as well(although, after sony's incident, who knows anylonger.) Still if two pieces of information were stolen, both encrypted, and one directly lead to me being in debt if it were ever decrypted, i think i'd worry about that one more.
i guess the way i read the story is that, it's apparently ok because it didn't include any password information.