That voice...

Best Comment :)

Most important thing for me would have to be the keys...followed closely by my iPad and or laptop.

Passwords were not stored in MySQL. LDAP is the authentication mechanism for their webmail (which was compromised), and to answer your question LDAP most commonly uses Salted SHA or SSHA for encrypting the passwords.

The LDAP directory for Zimbra does not connect to the internal Directory (powered by Active Directory) that is being used to authenticate for the INTERNAL billing system. I can attest to the fact that the billing system are not accessible to the public. The only way you can access the billing system is via API calls…

As someone who works for a Comcast vendor (that deals with their IT and customer information) I can tell you that having access to LDAP and MySQL for Zimbra would NOT provide access to where they store their payment information. Their payment information is kept in a completely different piece of software and database.

1 cup salt