portrman writes "I've been using a local credit union called First Tech for years and have been quite happy. But recently they decided to merge with another credit union so all members(customers) have to vote before it can go through. They used a 3rd party voting site called http://www.cuballot.com./ To authenticate myself, they required my account number plus part of my SSN. The email providing the instructions came from the 3rd party. I'm sure most reading this understand the huge security implications. Beyond the public shaming of posting this to Slashdot, what's the best way to impress upon my bank the security issues involved? See the site here: https://www.cuballot.com/firsttechcu"