Any idea if they properly Salted/Hashed the passwords, or if they just stored everything in the plain?