said by notech:"Credit card information was not compromised" - You said "Our emails, address, credit card, past bills etc have been open for this other customer to see"
While I had Hughes service for many years I was never a Hughes customer, so a question to all of those who are: Are you able to see your OWN credit card info when you log in?
That is generally a no-no. Last 4 digits only would be max. If you can see it, they need to be told to reprogram their site. If you can't see it, likely nobody else could either even if two accounts became cross-wired.
Actually, beyond displaying it, the web server shouldn't even have access to the whole number. That should be one-way only, when you put in new information, transmitting to the database, but no way for the web server to read it back from the database in its entirety.