Questions like:
What information exactly was stolen. You say billing information was not stolen but what about contact info? Phone numbers, physical addresses, emails?
What time frame did this occur over? Was there evidence of this knowledge being used? Is the security hole/breach thoroughly understood and plugged now?
Enable comments in your blog. Moderate if you must, but realize that if this happens in the future and the blogs are readonly then you are shutting down an important line of communication between your customers and yourself.
Unless you enjoy lots of angry phone calls (though I see you've got that covered
) and emails, I would recommend enabling comments for the future so we can ask these very important questions.
