The "Aid to the Church in Need" charity web site has been hacked and over
2,000 users' credit card details stolen for use in fraudulent transactions -
providing a timely reminder of the importance of security during the
pre-Christmas spending spree.
Of course security is always on the mind of the IT professional - at home and
at work. In the case of high street payments, until last year, credit cards used
to rely on an easily copied magnetic strip that made for a highly insecure
system.
This was especially so in restaurants and other service operations, where
your card was often taken away to a back room to be verified.
The arrival of chip and PIN cards has not eliminated the risk of skimming
(because it's still possible to copy chipped cards) but it's certainly made it
much harder unless thieves can also get access to your PIN. And wireless
card readers that allow you to input your number at the table mean you don't
have to lose sight of your card any more.
So face-to-face transactions have, at last, become more secure. Inevitably
the bad guys' attention has moved from the high street to the electronic mall.
And here no one is immune from faceless and traceless crooks who could be based
anywhere in the world.
For obvious reasons, little information is being given out about exactly how
the charity site was hacked, though apparently the site owners say it did use
secure encryption to transfer and store sensitive data. And there is my beef.
Though I understand that the last thing we need is a mechanism to advertise how
any new hack has been done, wouldn't it be helpful to a site administrator or
user to understand some basic things that should be done to avoid this kind of
hack taking place again?
I had a similar frustration when my credit card was skimmed a couple of years
ago. I was desperate to know something about how and where it had been done so
that I could take steps to avoid a repeat. But the fraud investigators at my
credit card company had no interest in telling me anything.
Result? It did happen again, and as I didn't know how to avoid another
repeat, I drastically reduced my credit card usage.
The sad reality is that today only a small proportion of such hacking crimes
are even reported, because the perceived harm of bad publicity is so much
greater than the cost of letting the criminals "get away with it".
But surely keeping quiet about these breaches does no one any favours.
Traders will get hit more often if the underlying problems are not tackled. And
more importantly, if public confidence in online purchasing is damaged, then the
exponential growth of online retailing may end.
We need a mechanism to share information about such events. At the very
least, word should reach product developers who build the security we rely on
when buying with a credit card online; as well as the site administrators who
might get hit by subsequent attacks.
Do you agree?