The data was likely to have been stolen using JavaScript sniffers, the online equivalent of a traditional card skimmer – a small device installed on ATMs that intercepts payment card details ...