Madness.
Although don't for a second expect your details to be safe anywhere on the internet. I have done a lot of website design, and even a couple of shops sites. So please take this as a warning.
This is why it's sensible to use something like Google Checkout (or even PayPal, as much as I hate them) as this keeps your payment details separate to the shops database. If you have ever entered details on any website you would be surprised how many places your personal data can end up.
Demon is certainly not alone here. It just so happens that someone has taken the time to set up a scam on this occasion.
I do hope no-one thinks this makes Nick look bad, as he does a top job.
It really is bad luck. Typically people just extract data from a website and save it. I expect in this case, as most people use PayPal or something that there wasn't enough payment details hence this person set up the scam.
As for the WHOIS. Please be careful! I very much doubt anyone clever enough to do a SQL injection will set up data a domain with their personal information. Especially if they have a list of people addresses and phone numbers... so please don't go harassing an innocent person!
So my top internet tips
- Avoid entering you payment card details on any website unless you are sure some serious work has been done on security (it's reasonable to except Amazon etc will be more safe than a small website, as they will have a whole security team)
- Where possible use a secure third party payment systems, such as Goggle Checkout or PayPal. This way the shop never gets your details, for either them to do harm with, or others to do harm with.
- Accept the fact your name, address and phone number are never safe. Companies buy and share these details, someone can go through your rubbish and of course people can gather this online. As much as you try it is out there.