See http://www.kpho.com/money/19936013/detail.html for a story in which two guys who worked at Amex were able to abscond with “thousands” of credit card number and “millions” of customer dollars.

I have two Amex cards. So I went to the Amex website to figure out if my card was somehow exposed. NADA. Not a single word anywhere on the site (perhaps I missed it?).

What is the use of PCI if one of the three card peddlers (Visa and Mastercard being the other two) reflect an attitude of indifference towards protecting MY data.

Wake up Amex CEO: Kenneth I. Chenault. I entrust you with my data. It is time for you to protect it! Mighty nice of you to harrass others with odd PCI requirements. Perhaps it is time you pass a PCI audit yourself.

/al