Eugene, I want to make very clear, I'm not talking in any pro/anti bpl manner in this statement, only a purely technical response, but the issue of automated forum spamming is totally unrelated to credit card processing or site or member security. No hacking is involved, there is nothing at all connected. No server security is or was compromised, spamming of this type is NOT cracking or hacking. Millions, literally, of websites that feature automated member signups have this problem, and the problem has gotten much worse this year.
Again, this is not related to bpl members/non-members happiness/unhappiness, that's a fine topic for chaff or whatever, but on a technical level, there is nothing at all risky about such spamming in terms of site and server security, absolutely nothing. Now, if you click on the links they post, well, then you're on your own, those links can lead to nasty things, so don't do it. Same as for email spam in that way. Hopefully you all know this, if not, now you do.
bpl has just been spared the worst of this in the past, and they have responded quite well to this relatively new issue, so I don't fault them at all in this case, it's a weird world out there in the interweb, bpl was just sheltered from it. Dealing with these issues can be hard, so cut the guys some slack, this isn't the same as gear questions, it's a different part of the world.