Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
    Digg this story   Add to del.icio.us  
TJX breach larger than previously thought
Published: 2007-02-22

Retail giant TJX Companies announced on Wednesday that data thieves compromised its systems far earlier than first believed.

The company--which operates stores in the T.J. Maxx, Marshalls, HomeGoods, and A.J. Wright chains--had originally stated that the first breach of its systems happened in May 2006. Now, it appears that additional breaches occurred as far back as 2005, the company said in a statement the coincided with its earnings announcement. Because of the breaches, the company now believes that transaction information dating as far back as 2003 as well as some names and numbers from driver's licenses may have been accessed.

"We are dedicating substantial resources to investigating and evaluating the intrusion which, given the nature of the breach, the size and international scope of our operations, and the complexity of the way credit-card transactions are processed, is, by necessity, taking time," Carol Meyrowitz, president and chief executive officer of TJX said in the statement.

In January, TJX announced that the firm had suffered an unauthorized intrusion into its "computer systems that process and store information related to customer transactions." TJX declined to mention the scope of its breach, but said that the unauthorized intruder accessed TJX's computer systems for its T.J. Maxx, Marshalls, HomeGoods and A.J. Wright stores in the U.S. and Puerto Rico, and its Winners and HomeSense stores in Canada. A number of banks and banking associations have reported widespread fraud thought to be linked to the breach.

Some analysts believe that TJX has escape serious financial consequences from the breach, according to the Boston Globe. The company has still not quantified the magnitude of the breach.

A nod to the Emerging Chaos blog.



Posted by: Robert Lemos
    Digg this story   Add to del.icio.us  
 
Comments Mode:







 

Privacy Statement
Copyright 2009, SecurityFocus