[Pyramids]

Phishing for credit card information alone is extremely rare, as it doesn't make any financial sense to people whom are committing fraud, if someone were phishing they'd be interested in login information and identity data instead.

In my experience, most database breaches result in data being sold, not used. It's more profitable and results in far less risk (Ex: 100k cards @ $2/ea via anonymous payment methods) vs attempting to use the cards.

As such, the people who end up actually creating the transactions are usually low level individuals whom are trying to figure out a way to "cash out"

Not to say there isn't a chance you're right, but card data is cheaply and readily available elsewhere, which is why I don't think this was related to a phishing attack. If there were other signs (ex: bank logins compromised, credit inquiries, etc.) then I'd be much more inclined to agree. Either way, it's hard to come to a certain conclusion based on the information provided in the article.