Hackers gained access to more than 100,000 credit card details on CitySights NY website. Hack was discovered by accident and may have been present for a month or more. Hackers were able to use an SQL injection hack to access their database of customers. This type of attack is one of the most common out there and is a wake-up call for online businesses to be more vigilant about protecting their customers’ information. Using third party payment processing systems, like PayPal, that does not reveal account information, is another good idea for online shoppers.
Source: https://thehackernews.com/2010/12/users-credit-card-information-stolen-by.html