funsec mailing list archives

Previous By Date Next
Previous By Thread Next

[privacy] TJX Breach Involved 45.7M Cards

From: "Fergie" <fergdawg () netzero net>
Date: Thu, 29 Mar 2007 02:13:50 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

WOW.

Via The Boston Globe.

[snip]

At least 45.7 million credit and debit card numbers were stolen by hackers
who broke into the computer systems at the TJX Cos. in Framingham and the
United Kingdom and siphoned off data over a period of several years, making
it the biggest breach of personal data ever reported, according to security
specialists.

TJX, the Framingham discounter that operates the T.J. Maxx and Marshalls
clothing chains, also reported in a regulatory filing yesterday that
another 455,000 customers who returned merchandise without receipts had
their personal data stolen, including drivers’ license numbers.
‘‘It’s the biggest card heist ever,’’ said Avivah Litan, vice
president of Gartner Inc. ‘‘This was obviously done over a long period
of time, in many locations. It’s done considerable damage.’’

The filing provided the first detailed accounting on the breach since TJX
publicly disclosed the problem in mid-January. TJX spokeswoman Sherry Lang
said that about 75 percent of the compromised cards either were expired or
had data in the magnetic stripe masked, meaning the data was stored as
asterisks, rather than numbers. But the true extent of the damage likely
will never be known, Lang said, because of the methods used by the intruder
as well as file deletions by TJX done in the normal course of business.

[snip]

More:
http://www.boston.com/business/ticker/2007/03/tjx_breach_invo.html

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFGCyDSq1pz9mNUZTMRAh3tAKCMpJakVIJNWeGLGWc8vYn+yC/SkQCfczQe
yPtY/mZIz3qxhZL7vzXQ9yg=
=D7Yt
-----END PGP SIGNATURE-----



--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
privacy mailing list
privacy () whitestar linuxbox org
http://www.whitestar.linuxbox.org/mailman/listinfo/privacy
Previous By Date Next
Previous By Thread Next

Current thread: