Phoenix, Arizona Home Blogs Arizona Phoenix Miscellaneous

Topics

On the Road

Major Medical

Protecting Your Family

In the Workplace

Miscellaneous

Even More Details Emerging about TJMaxx and Marshalls Data Breach

Staff Writer
Staff Writer
Contributor
Posted by Staff Writer January 21, 2007 8:24 AM
Tags: Identity Theft
2 CommentsPrint ArticleSubscribe

Even more details are beginning to emerge about the theft of data on computer systems belonging to TJX Companies, the parent company of TJMaxx and Marshalls stores. Unfortunately it appears that thieves are actually using information they stole from the TJX Company computers. The on-line publication Computerworld described the data security breach as follows:

The scope of the security breach disclosed this week by The TJX Companies Inc. is starting to make itself evident, with more than three dozen banks in Massachusetts alone now reporting that cards they issued have been compromised.

A spokesman for the Massachusetts Bankers Association said this afternoon that 40 of the MBA's 205 member banks have said they suffered card compromises as a result of the breach at Framingham, Mass.-based TJX. That number is sure to grow as more banks report to the association, he added, noting that only about 60 have done so thus far.

It appears that the data stolen from TJX Company should never have been saved in the company's computer system in the first place. According to the Computerworld article, the data stolen from the corporate computer system included

account numbers, expiration dates and encrypted personal identification numbers, plus other information that card-issuing banks can include at their discretion.

Credit card company standards prohibit retailers from storing this information in its computer systems once a consumer transaction has been completed,

Retailers are forbidden from storing such information under the Payment Card Industry (PCI) Data Security Standard being pushed by Visa, MasterCard International Inc. and other credit card companies.

TJX Companies apparently did not follow this credit card company requirement nor did it encrypt sensitive data on its systems as also required by the Payment Card Industry Data Security Standard. Thus, although thieves stole credit card data and numerous consumers have apparently been affected, it appears that the TJX Company's lax adherence to the Payment Card Industry Data Security Standard allowed such an intrusion to occur. If this information turns out to be accurate, in my opinion, TJX should bear responsibility for allowing such a serious data security breach to occur. If you shopped at TJMaxx or Marshalls, what do you think about the company's approach to consumer privacy and data security? If you have recevied word from your credit card company that you may be a victim of this data security breach, do you think TJX Companies should be held accountable? I'd like to hear your opinions.

2 Comments

Have an opinion about this post? Please consider leaving a comment or subscribing to the feed to have future articles delivered to your feed reader.

John Hogenson
Posted by John Hogenson
January 26, 2007 4:52 AM

I am a TJX cardholder, and , fortunately, have not had a problem to date. We have also just been notified that the relationship between TJX and Capitol One has been terminated as of 1-31-07. The letter said that TJX would fire up its own rewards program in February. As a consumer, we are very concerned by this breach because we place a lot of trust in all the parties connected to a credit card--we think they should always be responsible for safe-guarding our personal information.

Randall Udelman
Posted by Randall Udelman
January 26, 2007 7:37 AM

Thank you for your message John. All of us place our trust and confidence in the retailers we choose. We lose that confidence and trust when something like this happens. The TJX Companies set up a frequently asked question site to discuss what happened and the next steps it has taken. You can access this site at More ... ">More ... .. The company suggests that customers pay careful attention to credit card billing statements for awhile and consider placing a fraud alert on credit reports as a precautionary measure. Hopefully you will not become a victim of this theft but in the meantime, be careful.

Comments for this article are closed.

Subscribe to InjuryBoard Phoenix

 InjuryBoard Phoenix RSS Feeds

Keep up with the latest updates using your favorite RSS reader

Legal Assistance Center

More Info
Better Business Bureau Accredited Business Confidential

Your question will be referred to an attorney near you. If your question is of a legal nature, then by submitting this form you agree you are not forming a formal attorney / client relationship. Read our full privacy policy.

Looking for an InjuryBoard attorney closer to home? Click here.

Additional Resources

Subscribe to Blog Updates

Enter your email address if you would like to receive email notifications when comments are made on this post.

Email address

Blog Archives

View previous posts from:

Interesting Links

Popular Tags

Consumer Law Defective Products Food Poisoning Identity Theft Medical Malpractice Motor Vehicle Accidents Peanut Butter Recall Rants and Raves Salmonella Wrongful Death

Regional Blogs

Find an InjuryBoard Blog in your area:

Related Links