I'm wondering because they left a message for me to call them back URGENTLY. When I called, they basically said they had to cancel my card and issue me a new one because it had "potentially been compromised". When I asked if there had been any fraudulent activity, they answer was no.
So here I am, scratching my head wondering why my credit card had to be cancelled when there wasn't any suspicious activity (actually there wasn't any activity whatsoever on my card because I tend to use my UK credit card nowadays). The customer service person simply said "oh, the security department has determined that your card might have been compromised. It could have happened when someone swiped your card using a card reader capable of capturing the information required to produce a duplicate card."
I'm no genius, but if someone had indeed done that, how the heck would the bank know unless the card is actually used (and even then it would be speculation because they don't actually need to copy the card to commit fraud)? It's not like there's a big alarm that goes off and gets sent back to my bank when a card is copied. If that's what happens, then it would have had to be a criminal smart enough to hook their system up to the bank and send them the information successfully (kinda like the virus Jeff Goldblum uploads to the alien spaceship in Independence Day) yet be stupid enough to actually do it.
I suspect that they just lost a bunch of credit card numbers. I may never know for sure because it's not mandatory in Australia for companies to disclose any data loss incidents (this should change in my opinion - every institution in the world that stores personal or financial details should be made to disclose incidents just like US companies).
Which bank? No not that one (you'll only get this reference if you're familiar with the banks in Australia and have seen some of their marketing campaigns).