BreachExchange mailing list archives
[update] TJX says computer security breach wider than previously reported
From: Dissent <Dissent () pogowasright org>
Date: Wed, 21 Feb 2007 10:34:36 -0500
http://www.madison.com/tct/business/index.php?ntid=119919&ntpid=0 TJX Cos., operators of Marshall's and T.J. Maxx discount retail stores, said Wednesday a security breach into its computer systems was more extensive than previously reported. TJX had thought the intrusion into its customer data files took place between May 2006 and January 2007, but has since learned its computer system also was hacked into in July 2005 and other periods during that year. Credit and debit card data from transactions at its U.S. and Puerto Rican stores and credit card-only transactions at Canadian stores from January 2003 through June 2004 were stolen. Also believed stolen are some drivers' license numbers together with related names and addresses associated with unreceipted merchandise returns at TJX's T.J. Maxx, Marshalls and Home Goods stores in the U.S. and Puerto Rico for the last four months of May 2003, as well as for May and June 2004. TJX said it will notify those customers it can identify whose drivers' license numbers, names and addresses were taken. Additionally, T.J. Maxx customers in Britain and Ireland may also have been compromised, the company said. Names and addresses were not included with the stolen credit and debit card data. Also, debit card PIN numbers, information from transactions at the company's Bob's Stores and transactions made with Canadian bank debit cards are not believed to have been stolen. TJX did not disclose the number of accounts affected, and said its investigation is ongoing. _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 149 million compromised records in 580 incidents over 7 years.
Current thread:
- [update] TJX says computer security breach wider than previously reported Dissent (Feb 21)