2006/07/09

Query-string vulnerability found on a DVD software vendor's website

I wanted to play a disc protected by the CPRM copyright-protection mechanism, so I tried to activate the CPRM feature of my software online. The website showed my account, including my name, my address and my password reminder (my mother's name). Then I found by accident that the site exposes a GET-based query string in the URL, and that by changing that string anyone can see other people's personal data. I promptly asked the vendor first to delete my personal data and then to take the site down. My data was deleted, but the site is still live. You should make sure that the vendor of the software you want to buy has enough knowledge of web security.
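The flaw described above is a missing authorization check: the server trusts an account identifier supplied in the query string instead of binding the lookup to the logged-in session. The following is an added illustration, not code from the post or from the vendor's site; the account store, the `account_id` parameter name, the URLs and the log lines are all constructed placeholders. It shows the vulnerable lookup next to a fixed version, plus a small log check a defender could run to spot one session enumerating many account identifiers.

```python
from collections import defaultdict
from urllib.parse import urlparse, parse_qs

# Constructed sample account store (placeholder values, not from the page).
ACCOUNTS = {
    "1001": {"name": "Alice Example", "address": "1 Sample St", "reminder": "mother: Example"},
    "1002": {"name": "Bob Example", "address": "2 Sample Ave", "reminder": "mother: Sample"},
}


def account_id_from_url(url):
    """Return the (assumed) account_id query parameter, or None if absent."""
    qs = parse_qs(urlparse(url).query)
    ids = qs.get("account_id")
    return ids[0] if ids else None


def show_account_vulnerable(url, session_user):
    """Vulnerable: the query string alone decides which row is returned.

    Any authenticated user who edits account_id in the URL reads another
    person's record; session_user is never consulted.
    """
    return ACCOUNTS.get(account_id_from_url(url))


def show_account_fixed(url, session_user):
    """Fixed: the authenticated session, not the URL, selects the record.

    The account_id parameter is only accepted when it matches the session
    owner; any mismatch is treated as a forbidden request (None here).
    """
    requested = account_id_from_url(url)
    if requested is not None and requested != session_user:
        return None  # would be an HTTP 403 in a real handler
    return ACCOUNTS.get(session_user)


def sessions_enumerating_accounts(log_lines, threshold=3):
    """Detection helper over constructed access-log lines.

    Each line is assumed to look like "<session> <url>"; a session that
    requests more than `threshold` distinct account_id values is reported.
    """
    seen = defaultdict(set)
    for line in log_lines:
        session, _, url = line.partition(" ")
        acct = account_id_from_url(url)
        if acct is not None:
            seen[session].add(acct)
    return sorted(s for s, ids in seen.items() if len(ids) > threshold)


if __name__ == "__main__":
    evil = "https://vendor.example/activate?account_id=1002"
    print(show_account_vulnerable(evil, "1001"))  # leaks Bob's record
    print(show_account_fixed(evil, "1001"))       # None: refused
    # Constructed log sample: session "sessA" walks four ids, "sessB" reads its own.
    sample_log = [
        "sessA https://vendor.example/activate?account_id=1001",
        "sessA https://vendor.example/activate?account_id=1002",
        "sessA https://vendor.example/activate?account_id=1003",
        "sessA https://vendor.example/activate?account_id=1004",
        "sessB https://vendor.example/activate?account_id=1002",
    ]
    print(sessions_enumerating_accounts(sample_log))  # ['sessA']
```

The fix keys the lookup on the session identity and rejects any identifier in the URL that disagrees with it; in a real application the same rule applies to every record type reachable by identifier, not just the account page. The log check is a crude rate heuristic and will also need a tuned threshold and a time window in practice.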