I'd be willing to bet money there is a better chance the companies server will get hacked (maybe even by google, see IronGeek's thread on that) than the chance of your computer being hacked and the CCN being stolen from there. For one, CCN's are a LOT easier to find in a sql database than they are buried in the registry or in some .dat file somewhere in your .tmps.