I'm not sure if it's due to lack of QA on their(company's) part or lack of common sense during development(software, database, and security design) or maybe it's due to all of the above. The sad thing is that these companies are not taking into consideration the evils of this world. C'mon, there are too many users out there who would love to hack a site and create some havoc or just hack the site to be able to purchase the item at a much lower cost. Technology is evolving and with that, programmers are becoming more sophisticated... unfortunately some of them are being devious with their abilities. People cannot survive thinking that no one will take advantage of them - because they will. If they could assume the worst and program for that, they may be somewhat safe. But, in reality I think it'd be highly difficult to guard against every single security hole.

You're right jcwren, real world evil is out there..