I just signed up for a myPantone account and received my password (as is) thru email.

This is a good indicator that Pantone stores passwords in plain text.

This is a major security issue and I advise anyone to use a unique password that you do not use anywhere else.

I have a very unique password for Pantone.
But quite honestly, I don’t pay full book for their paper products on their website either so they don’t have my credit card number.

Unlike Adobe, who gave up my corporate credit card number and other info in a hack a few years ago.

If you want, you can shoot them an email at privacy@pantone.com. I’m not sure if it will have any effect, but it’s good to call it out when you see it.