TJX Fighting Hard To Raise The Bar Even Higher For Worst Credit Card Data Leak Ever

from the go-big-or-don't-go-at-all dept

Last month, TJX, the parent company of retailers T.J. Maxx and Marshalls among others, disclosed that it had lost a ton of customer credit-card and personal information, with some suggesting it could be the biggest breach ever. If you follow these sorts of things, you'll remember that the way they typically go is that the group that's lost the data will disclose a breach, then, after the initial furor has died down, they'll come back a few weeks later and say they lost a whole lot more than they first thought. With that in mind, any guesses as to what TJX has said today? Surprise, surprise -- a ton more information was exposed than the company first disclosed. This sort of leak continues to happen, and nothing gets done to put a stop to it. It doesn't appear that many companies care enough, or have the proper incentives to devote the necessary level of resources to security. But remember what the banks and credit card companies' surveys tell us: these breaches, and identity theft in general, isn't a problem.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Anonymous Asian, Feb 21st, 2007 @ 5:24pm

    first...

    I'm glad that I've never shopped at either of those stores.... and whoever says that I.D. theft is not a problem should post their name, S.S.# , D.O.B., address, and mothers maiden name.. i need a vacation that they would "not" be paying for ...

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Asian, Feb 21st, 2007 @ 5:25pm

    first...

    I'm glad that I've never shopped at either of those stores.... and whoever says that I.D. theft is not a problem should post their name, S.S.# , D.O.B., address, and mothers maiden name.. i need a vacation that they would "not" be paying for ...

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Stu, Feb 21st, 2007 @ 6:01pm

    Use the Force Luke

    I.D. theft is not a problem
    I.D. theft is not a problem
    I.D. theft is not a problem
    I.D. theft is not a problem
    These are not the droids you're looking for.
    These are not the droids I'm looking for.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    mee, Feb 21st, 2007 @ 8:50pm

    Being a T.J. Maxx associate, people often ask me if we've straightened it out. We don't know anything. So stop asking. Also, you can avoid this mess by paying in cash.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Feb 21st, 2007 @ 9:52pm

    What I don't understand is why these companies with so much data to loose feel that they need to hold onto such sensitive data for the long term, especially if they don't have the security and resources to keep it safe.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    JSchmidt, Feb 21st, 2007 @ 10:06pm

    Umm..

    Jeffrey Schmidt
    525878546
    29/07/1987
    780 McDonnell Rd, SAN FRANCISCO, CA, 94128
    Collins

    Ok, so how is this gonna get me a vacation?....

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    A.J., Feb 21st, 2007 @ 10:35pm

    Re:

    You, my friend, have got balls of steel.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Feb 21st, 2007 @ 11:04pm

    Re:

    "jeffrey" you lied, that's not nice.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    bubba, Feb 22nd, 2007 @ 6:16am

    Re:

    hey Mee,

    Your company made a huge mistake in collecting and storing data from Track 1 of the credit card strip on the back of each card. That has the CC#, Exp Date and CCV#. What should have been collected is the info from Track 2 which is name and address only, no financial information. Maybe you should go to your manangement and ask them how to address those concerns from customers, like myself included, whose CC were compromised. Oh and dont tell me to pay in cash. I can cancel a stolen credit card....someone rips me off of my cash- cant get that back. If its so tuff to answer peoples questions about this major breach then get out or kindly tell people to address their concerns by calling a 1-800 number. With your angry attitude you really shouldnt be addressing these people anyhow.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anyonymous jerk, Feb 22nd, 2007 @ 7:42am

    Fine them!

    At this point, the authorities need to step in and begin dolling out serious fines for these companies. Identity theft not only hurts individuals, but ultimately causes nationwide economic repurcussions when people start declaring bankruptcy because they can't pay their bills.
    (sounding like a poster for ID theft)

    It hurts us all!

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Julian, Feb 22nd, 2007 @ 9:56am

    TJMaxx will be bought out

    Visa will force a buyout or a shutdown. Visa did that for CardSystems last year which is now operating under a new name and new management.

    Visa has implemented PCI security regulations which is a series of security best practices for the specific security of the cardholder data. If you accept VISA cards you must pass this security audit or negotiate an extension or waiver. VISA is not fooling around anymore.

    in_the_industry

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous, Feb 25th, 2007 @ 7:38am

    Prosecute the Real Criminal

    I understand the exposure the company has, along with many other companies that have yet to be hacked. Why are we not talking about finding and prosecuting the criminals that stole the information in the first place. I know it's a difficult task, but it must be done, otherwise, other companies will find themselves in this situation.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This