It certainly isn’t free to secure data. It takes engineering effort, among other things. But I agree that it should all be secured. I also agree that most businesses don’t view it as critical, unless they’ll get in serious trouble if they don’t do it.

This is one reason why I was eager to do the work on SN which removed the storage of email addresses in plaintext if you choose to login using one. It felt good to further secure stackers’ data in that way