To the original poster,
I understand this is a beginner forum however this question is kind of silly. You need to do a little more research. Since, you specified that you are asking about how numbers are obtained online. Credit card info is taken in numerous ways from: card holders, ( keyloggers, Malware, numerous man-in-the-middle attacks etc.) stores or any other businesses entity that would have CC info (SQL injection, and other software vulnerabilities, ). Do some research before you get into anything because you obviously have a lot to learn.