It says a lot about the nature of a company when they admit the breech even though it occurred in November of 2011 and they just found out about it. Other companies might just try to pretend that it didn't happen.

It also says a lot that they just upgraded all of the users who were members before that point to a free lifetime membership.

Classy move, LibraryThing.

They've done a good job providing a clear explanation of what happened, how they're mitigating it, and apologising.

I'm also pleased that they have proper audits. Very well-handled.

I wonder how many companies have had similar breaches that went un-noticed or un-announced. Scary.