The "Hacker Proof" badges are supposed to verify your web application as well, but this attack could have been entirely non-technical social engineering to get access to the cart admin account or MySQL username/password. We don't have any details right now at all as far as I know and I tend to doubt they will be forthcoming.
In fact, I doubt that specialforces.com will even inform users of this breach. They don't seem to be especially security-savvy and the initial reaction of secuirty-naive businesses is to keep something like this under wraps so it doesn't hurt their reputation.
Of course, this is just idle speculation and they could have already informed users. I have no malintent. That's just how I read the situation and the likelihoods involved.
In fact, I doubt that specialforces.com will even inform users of this breach. They don't seem to be especially security-savvy and the initial reaction of secuirty-naive businesses is to keep something like this under wraps so it doesn't hurt their reputation.
Of course, this is just idle speculation and they could have already informed users. I have no malintent. That's just how I read the situation and the likelihoods involved.