While I am entirely unaware of any method that could resulted in a security leak on our end that would compromise your financial data, I've passed this issue over to support with a "please investigate immediately" flag. You will hear from them shortly. Sorry to hear about this.

We do not store credit card information for security reasons, and all vital information is sent through a secure connection, so it's impossible for anyone to hijack from us anything that could be used to make a fraudulent payment.

As for Cyprus, the only consequence of being a Cyprus-based company is some banks' standing towards this country. Past actions of "enterprising individuals", which originated in Cyprus, do not reflect upon our own security. They only impact statistics, which is why some banks are wary of transactions made through it. To my knowledge we do not process payments in Cyprus, but banks do check where a business is registered when a payment attempt is made.

As lukaszthegreat suggested, the typical causes of credit card info theft is low computer security (keyloggers and other spyware), deception (phishing websites, scammers), and physical credit card theft. Hijacking such info from encrypted databases or from real-time secure connections is extremely improbable. And then there are sites like GOG.com that don't store vital information, just in case.

Why, that's preposterous! Also, if you hear someone knocking at the door, and see men in dark suits and sunglasses, please open the door peacefully and offer no resistance. Knowledge is such a dangerous thing... :P