From the main MCX FAQ:

On the data security side, the technology choices we’ve made take consumers’ security into account at every aspect of their core functionality.

And from this MCX blog post:

Within the last 36 hours, we learned that unauthorized third parties obtained the e-mail addresses of some of our CurrentC pilot program participants and individuals who had expressed interest in the app. Many of these email addresses are dummy accounts used for testing purposes only. The CurrentC app itself was not affected.

We have notified our merchant partners about this incident and directly communicated with each of the individuals whose email addresses were involved. We take the security of our users’ information extremely seriously. MCX is continuing to investigate this situation and will provide updates as necessary.

You can’t make this stuff up. (via MacRumors)