A couple of weeks ago there was a story about a credit card payment clearing house (Heartland Payment Systems) that got breached. Big numbers of cards got potentially compromised. I bet that is the source of all this. I don't think AA per se was the issue as my two cards have not been replaced and are just fine. Rather it is probably where you used those cards and whether Heartland cleared the transaction.

http://www.2008breach.com/