Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
    Digg this story   Add to  
Two retail breaches threaten consumers
Published: 2007-01-18

In two separate incidents, retail giant TJX--the owner of T.J.Maxx and Marshalls--and payment services firm MoneyGram notified consumers that server breaches had exposed their personal data.

The TJX Companies announced on Wednesday that the firm had suffered an unauthorized intrusion into the "computer systems that process and store information related to customer transactions." Last week, payment services firm MoneyGram International notified customers that one of its servers had been breached, potentially exposing the company's customers to identity fraud.

Both breaches happened in December 2006, according to the companies. While MoneyGram estimated that up to 79,000 customers may have been affected, TJX declined to mention the scope of its breach, but said that the unauthorized intruder accessed TJX's computer systems for its T.J. Maxx, Marshalls, HomeGoods and A.J. Wright stores in the U.S. and Puerto Rico, and its Winners and HomeSense stores in Canada.

"Since discovering this crime, we have been working diligently to further protect our customers and strengthen the security of our computer systems and we believe customers should feel safe shopping in our stores," Ben Cammarata, chairman and acting chief executive officer of The TJX Companies, said in a press statement released on Wednesday. "Our first concern is the potential impact of this crime on our customers, and we strongly recommend that they carefully review their credit card and debit card statements and other account information for unauthorized use."

With many states passing breach notification laws, such privacy-affecting pronouncements have become a regular part of corporate news in 2005 and 2006. In December, the University of California, Los Angeles warned that a server containing information on about 800,000 students, faculty members and workers had been exposed by a compromise. Also last year, the U.S. Department of Veterans Affairs warned that a laptop containing names, addresses and social-security numbers of nearly every soldier and sailor in the armed forces had been stolen. The laptop was later recovered.

The companies each said that they had contacted law enforcement. The TJX Companies has 826 T.J. Maxx, 751 Marshalls, 271 HomeGoods, and 162 A.J. Wright stores in the United States, according to the release. In Canada, the company operates 184 Winners and 68 HomeSense stores.

Posted by: Robert Lemos
    Digg this story   Add to  
Comments Mode:


Privacy Statement
Copyright 2009, SecurityFocus