From The Australian:
Victorian police are investigating a massive identity fraud involving the personal details of thousands of Australians that have been available on a blog site for more than a month.
The data, discovered by The Australian, includes thousands of Visa, Mastercard and American Express numbers, including expiry dates, together with home addresses, phone numbers and email addresses.
The list was posted on a free blogging site, where it was copied by search engine Google as part of its routine cataloguing of internet sites on April 21.
[…]
A number of the records appeared to have been taken from a holiday accommodation database, with entries such as “Ensuite Villa, 2br” included alongside cardholders’ details.
Others were clearly from a courier organisation, including detailed delivery instructions for packages if the cardholder was not at home.
Most of those affected were Australian but the list also included credit card details from people based in New Zealand, Germany and Britain.