I think you're right to be suspicious. It suggests that the web page in question hasn't been properly set up, so although it's an https address it may still not be secure.
There is a long thread on the O2 forum concerning their web site errors following the introduction of the new BB packages. There were also errors on the O2 forum site which were corrected and there is still a time error on that site which shows posts being made +/-1 hour of the true time.
Basically, it appears that the developers are outsourced and probably located in India. Numerous errors were discussed and it took quite a while to correct those errors that had been identified.
This security error has obviously been missed.
@UncleUB >> I would suggest a PM to Paul@O2 or Abhishek@O2 will get the correct response.