Can't say I am surprised with how they handled the news, essentially (I can only assume) Tim's response is implying I am hiding behind a fake account or something, (yet I gave him my work email to contact me on) and tried to downplay the seriousness of the fact their database and over 12,000 (of a purported 20,000) members details are leaked online. Tim also stated on Telegram to me that they used to use md5 hashing, and later changed to bcrypt after they "realised" a breach had happened in the past (yet they never informed their users of any such breach), yet 97% of the hashes in the leaked database are hashed with bcrypt, with the remaining 4% being md5. Many red flags here.

Users should always be informed of any breach. I'm going to submit this to haveibeenpwned.