I have noticed several cycling related sites run insecure web based purchasing.
I was registering at one ite the other night when I realised the url was http rather than https. I stopped registering and went to the logon page which was the same.
Effectively without the https your username/password and everything else is unencrypted in the tinterweb.
I am not saying you credit card details are not secure as they may use a third party but I did not go that far.
I have emailed the retailer who have said they will deal with it but they have had no probs before, thats not really the point as neither had TKMax till they lost 45.7 million credit card details!
I looked at several sites others also had insecure login pages. Most use https. I wont name names you can check yourself but just a heads up.