osccommerce security issue?

I am seeking a coder that has worked with oscomerce and understands how to implement security. I need the coder to scan through the site for any security loopholes or possible breaches. Here is the issue: A returning customer tried processing an order and for some reason the system did not ask her to login, so I am guessing cookies are saved in her computer, but she says she is pulling someone elses information from the database, including CC info, I do not know if someone was tampering with the database or someone hacked in. Is there a way you can do a security scan and see what is the problem and recommend some changes that prevent hackers or whatever is occurring and change the admin location? Since the site is live please test off line. I never changed the admin page location for example: [login to view URL], that was the default set up and I am pretty sure if a hacker wanted to find it they can. now after ignoring this possible hacking issue, somethings are happening. The URL is miracle exclusives dot com Cristina