TJX Companies announced on Friday that the retail giant had agreed to settle numerous class-action lawsuits filed against the corporation as a response to the theft of information on at least 46.5 million credit- and debit-card accounts.
The settlement, which first has to meet court and regulatory approval, would give any customer impacted by the theft one or two $30 vouchers for use at the company's stores, including TJ Maxx, Marshalls, HomeGoods, and A.J. Wright. Consumers that returned merchandise to the store -- leaving behind driver's license information in TJX's databases -- will get three years of credit monitoring and $20,000 in ID theft coverage, under certain conditions.
"We deeply regret any inconvenience our customers may have experienced as a result of the criminal attack on our computer system," CEO Carol Meyrowitz stated in a news release. "This Settlement Agreement addresses the different ways customers have told us that they have been impacted by the intrusions(s)."
The settlement comes eight months after TJX acknowledged the theft of more than 45.6 million credit- and debit-card accounts from its transaction-processing servers. The information stolen has been resold to card counterfeiters and other fraudsters resulting in losses in the U.S. and Canada, including fueling a $8 million gift card scam in Florida. TJX Companies' estimated that it will cost in excess of $150 million to clean up its security and settle with consumers affected by the breach.
The company will hold a three-day Customer Appreciation sale, with merchandise marked down 15 percent at all stores, in 2008 as part of the settlement.
If you have tips or insights on this topic, please contact SecurityFocus.
Posted by: Robert Lemos