Not to speak on behalf of the sender, but Luminate Online and the payment processors that we transmit secure information to are completely PCI compliant. Luminate doesn't actually store Credit Card information. When a user inputs their card information, Luminate immediately encrypts their data and forwards it directly to the payment processor. That being said, Luminate is PCI compliant in the sense that we safely and securely transmit the Credit Card information.

In regards to the email; you should probably forward that to your IT department or Security Engineering. They will determine if the email is authentic and if there are any steps that need to be taken to ensure that your organization is PCI compliant.