It was not malware that got Hannafords and it was not anything to do with anyone's personal computer. In fact, what happened to Hannafords could happen to any retailer (eatery) that takes credit cards. Taking credit cards is a two step process. The first step is safeguarded through encryption used on both ends to verify the card and the amount being charged. This communication goes between the retailer and the bank/credit union that holds the card. Because this route has been pretty much secured hackers don't bother much with it now. But every retailer/ eatery that takes plastic still has to get paid. So they "run" the credit cards that have been approved at a certain time (Hannafords does it every night) and this is where the money actually gets moved from the card holder's account to the retailer's account. Because the transaction has already been approved all that is sent for this is the actual credit card number and the approval code. Because no names or identifying information is being sent at this point and this is what was hacked into, the crime is called fraud, not identify theft. What the hackers did was actually use the credit card numbers with the approval codes to take money from those accounts that they got when they hacked the transaction. Not every one of the card numbers stolen had that happen to it although the possibility was certainly there. I hope this makes sense. The important thing to know is that there is nothing you can do to prevent this as it was not YOUR computer that was being hacked.