It stores entries names in plaintext? Not very secure. I'll rather have log.tmp file container (with all encrypted passwords inside) than passwords\gmail.gpg
Usernames aren't considered to be privileged data. If you're relying on your usernames being secret, then you're making a big mistake and you should rethink things.
Single username isn't privileged data. But a set of usernames and realnames can be. It's better to lose a pendrive with encrypted block256.dat than Passwords\HackerNews\dfcsd.gpg, Passwords\Bank\34457356.gpg, Passwords\Mail\name.gmail.gpg etc.
It shouldn't be considered secret, period. If you're worried about non-secret data being used to attack you (the kind of data people can acquire by digging through your trash when you bring it out to the curb, for example), then your likely-to-be-lost USB key should be using some encryption of its own. This encryption doesn't defeat the purpose of using pass, either, because pass uses gpg agent, where the key nicely times out after a while, whereas disk encryption is somewhat persistent. Regardless, username data isn't private, even when you have multiple in once place; all that data can be put together through other means.
Why is that the case? It seems to give someone a lot of information. It's not just relying on the username to be secret, but it gives info to someone that you may want to be secret, like a password to a pornographic site.
