T.J. Maxx probe finds broader hacking

["'Richard M. Smith'" <rms () computerbytesman com>]

http://news.com.com/T.J.+Maxx+probe+finds+broader+hacking/2100-7349_3-616101
9.html?tag=nefd.top
 

The TJX Companies, the discount retailer best known for its T.J. Maxx and
Marshalls clothing stores, said Wednesday that its hacking investigation has
uncovered more extensive exposure of credit and debit card data than it
previously believed. 


Information on millions of TJX customers may have been exposed in the
long-running attack, which
<http://news.com.com/T.J.+Maxx+hack+exposes+consumer+data/2100-1029_3-615101
7.html> was made public last month. It affects customers of any of TJX store
in the U.S., Canada or Puerto Rico, with the exception of its Bob's Stores
chain.

The breach of credit and debit card data was initially thought to have
lasted from May 2006 to January. However, TJX said Wednesday that it now
believes those computer systems were first compromised in July 2005. 

TJX said credit and debit card data from January 2003 through June 2004 was
compromised. The company previously said that only 2003 data may have been
accessed. According to TJX, however, some of the card information from
September 2003 through June 2004 was masked at the time of the transactions.

The company added that names and addresses apparently were not included with
the card information, that debit card PIN numbers are not believed to have
been vulnerable, and that data from transactions made with debit cards
issued by Canadian banks likely were not vulnerable.
 
...

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.