I doubt staff have access to email address or credit card info.
But you have a right to be concerned we all do that shop online but I have never been ripped of and I have being buying online for 8 Years from various place big and small and not once has my credit card been hacked.

You would have more of a chance of losing money in an Online Bank that any merchants online they fortunalely are more savvy and up to date with webpages than the online banks are.

In my country for instance Australia, they are trying to blame the consumer if you lose money while doing a online transaction instead of beefing their security up..  It stinks and I can assure you they will not get away with it. No law will pass like this while I breath and walk lol.

I say let the techs find the little pest that is lose, Nuke it and strength security, as  putting the balme here there and everywhere is a  distraction. 

I trust the guys that load the software and code to spend the proper time to look for it.
They will notice it as they know exactly which code they  have written for this site.

Unfortunaltey these things happen all the time, its good of us to point it out, but I dont like to point the finger at one person or a group of people, like I have said before these Guys employ hackers to do these kind of  things, they have Billions at their disposal.