The TJX Data Breach exposed 45.7 million credit and debit card numbers when hackers accessed their computers in 2006. The hackers were also able to access nearly a half-million customers' driver's license or state-issued ID information that was attached to their account. A prior blog details how a good friend found out his information was one of the nearly 50 million people put at risk. In his case, a thief used his information to ring up over $11,000+ on his Sears Master Card and then managed to open other accounts. He found out about the fraudulent accounts and charges after getting copies of his credit reports...and simultaneously -his first debt collector call.
**************************************************************
January 2008 - Joe Whatley, an attorney representing credit card companies suing TJX over its massive data breach in 2006, didn't mince his words. In open court he told U.S. District Court Judge William Young that the company knew about the data breach in early October of 2006; more than two months before the company began to notify credit card companies of the problem. If true, it will mean that TJX violated numerous state laws by trying to keep the breach quiet.
The TJX data breach is the largest single data breach know from any company or any government organization. As many as 93 million credit cards in 13 countries had their data exposed to identity thieves through a Trojan Horse - a malicious software program - that was operating on TJX's servers. TJX owns and operates a number of discount department stores including TJ Maxx and Marshals.
Whatley told the judge that, "TJX first became aware of this breach as early as October the 3rd of 2006 when it learned of problems with Discover Cards. It took them over two weeks, roughly the same time it took us to file our amended complaint, for them to even contact a consultant to investigate the matter. And it took them another two weeks after that to retain the consultant and work out a nondisclosure agreement. And, of course, there were problems. TJX then allowed them to have access to it for a period of time and then terminated them when they found there was a problem," referring to the data breach. Read More
Leave a comment