Tenzer declined to go into detail about the extent of the Sasser infection, how the worm penetrated American Express' network, and what steps were taken to stop the attacks.
The University of Texas M.D. Anderson Cancer Center was also hit by Sasser this week, according to Don Lyons, the hospital's deputy chief information officer. More than a third of the facility's Windows machines were infected.
"As of yesterday, we had about 6,000 infected systems," said Lyons, "but as of Friday morning, we've whittled that down to about 700 or so."
M.D. Anderson's IT department manages approximately 17,000 Windows systems -- both desktops and servers -- for the nearly 2,000 physicians and researchers, and the 8,000 other workers in the hospital.
"I'd put our effort [on Sasser] right on par with MSBlast," said Lyons, referring to last summer's network worm outbreak. "We were much better organized this time around, and deployed 12 teams and 50 people to clean up infected systems and patch others."