The alternatives are 1) they were hacked and since they aren't using a P2PE vendor, their card information was written to a database or 2) they have been writing card information to a database since before PCI and haven't been found out until now.
The Register 
Biting the hand that feeds IT
About Us
Our Websites
Copyright. All rights reserved © 1998–2024
