Sadly these types of attacks are common and on the increase. Being a web developer it pees me off there are people out there who do this for fun. Unless you are using a reputable out of the box solution for your commerce web site it pays to have a specialist review your service and infrastructure for the most common vulnerabilities (e.g. denial of service, cross site scripting, sql injection etc). All the best for getting it sorted.