Great question! Our credit card payments for library fines are actually handled by PayPal--the Library never sees patrons' credit card or billing information. PayPal does a lot of business and has industry-standard data security policies, which of course doesn't mean they can never be hacked, but the situation is similar to when you provide your credit card information to other major web vendors.
The Library is also concerned about keeping your activities private, so for instance we don't retain an extensive history of your checkouts. This policy became fairly common after the Patriot Act was passed in the wake of 9/11 and libraries became concerned that the federal government might demand access to their patrons' past activities.