CCA has connections with CBM hosting. He was allowed access to obtain anyone's key.dat file that was using the hosting service and using some well-known techniques, extracted the keys from them.
Your keys are not in danger unless you used CBM hosting. If you did, go get your money back.
I have never talked with Cca, let alone give him or anyone access to my client's key files. That Steam chat that was posted earlier in this thread was just him trying his best to tear the service down by making people doubt it. I have
never given out keys to anyone, nor will I ever do that. I do understand your concerns, but rest assured, the keys for anybody who has my service are safe.