> The company knew its security practices at the time were poor since it used the same encryption key for all passwords.
So they weren't using salted hashes? What were they using instead? Public key encryption, or symmetric encryption? Where were the keys stored?