I'm not sure about it, but I don't think the CC number would be stored in the book file as such. The first time you open the book, you have to enter your name and CC number, which I imagine would then go through some complex algorithm against a _checksum_ of some sort embedded in the book. If they match, bingo, you can access the book. No one should be able to determine your private details from the book file or software on your PDA.
As for what ereader.com do with your CC and other personal details, we have to trust them to store them securely and not pass anything on (like any other company we purchase from) I guess.
I am firmly opposed to DRM of any sort, but find ereader.com's to be less intrusive than Microsoft or Mobipocket, for example (you can use the book any any system that has a reader for it, for example, as opposed to Mobipocket which is keyed to one particular PDA or PC... which is a shame as I prefer Mobipocket to Ereader as a reader (and have both registered
)
Craig.