Low Apr
Credit Cards		 Instant Approval
Credit Cards		 Travel Reward
Credit Cards		 Prepaid
Debit Cards		 Bad Credit
Credit Card		 Business
Credit Card		 Student
Credit Cards

March 31, 2007


  • NEWS: TJX Names Number (Part 3 of 3)

    The filing also gave indications that TJX could not be sure that the stated quantity of data accessed by the breach was definitive, as the company did in fact delete a great deal of transaction data in the time between when the breach is now known to have happened, and when it was first detected. TJX reps have admitted that due to this void in the information available, the full scope of the breach may never be known. It is known that the computer systems were first hacked in July 2005, and that one or more thieves garnished data from retail consumer transactions dating forward from January 2003. TJX did not, per their records, discover the leak until December 18, 2006, when they found suspicious tracking software on their databases. The company defends its month long delay in disclosing the breach on the fact that it hired outside investigators and had notified federal authorities, the cooperation of which were both needed to contain the leak as it was discovered. TJX's SEC filing concluded that the company is not aware at this time who hacked the database, or how many individuals (if more than one) were involved. The ten individuals arrested in Florida on suspicion of making fake credit cards using card numbers recovered from the TJX breach are not believed to have had a hand in the actual hacking; they seem to have purchased the data on the Internet, thanks to the thriving black market on stolen consumer information between identity theft factions.

    Now that the SEC filings have been made, TJX faces investigation and possible censure from the Federal Trade Commission for failing to protect the privacy of consumers. The news is cold comfort to the scores of consumers affected by the breach, who are angry not only that the beach occurred because of perceived negligence, but that there was such a delay in reporting it. The month that TJX spent in investigating the breach without notifying the public could have made the difference between prevention and damage control for those who have had their identities stolen in conjunction with the theft, say advocacy groups. There is a big push for legislation that would require timely and appropriately comprehensive disclosure to those consumers potentially affected by such incidents. No such legislation currently exists.



       Back to News Main Page
     

Copyright © 20011, All rights reserved Extra Credit Cards