Discount clothing retailer TJX, who revealed in January that hackers had accessed many of their customers' credit card information, has now disclosed that the information of at least 45.7 million customers was compromised. TJX is the parent company of T.J. Maxx and Marshalls, among other clothing stores. A spokeswoman for TJX, however, told the Boston Globe that about three quarters of the card numbers gathered were expired or encrypted, but also that it is impossible to know the full extent of the damage. Information was stolen from transactions as far back as December 2002 ("TJX: At Least 45.7M Card Numbers Stolen").
Is there anything TJX can do to calm this public relations nightmare? What can businesses and consumers do to prevent this from happening in the future? Do cases like this make you reconsider how heavily to rely on your credit or debit cards?
recommend this
email
print
link to this page
Comments: 10
Here's a link that is self explanatory: http://carolynbaker.org/archives/in-debt-we-trust-as-the-economy-goes-bust-a-return-to-serfdom-by-carolyn-baker
I do have a debit card, which never tempts me to spend more money than I have, and would not allow an identity thief to get much out of me.
The compromised data on the TJX computer system also includes drivers license numbers with names and addresses of people that recieved refunds for returns of CASH purchases.
I want to know why this data is kept on the TJX computers at all. Once the transaction has cleared, there is no good reason to retain the customer data. Data that has been removed is much harder to access or steal.
It is possible to keep data secure by storing it on a system that cannot be accessed from the outside. This also tends to makes the data less available to internal users, and requires tight system design.
Limited access and tight design fly in the face of what most IT managers consider to be their mission.