funsec mailing list archives

Previous By Date Next
Previous By Thread Next

The latest news on the TJX mess

From: <rms () computerbytesman com>
Date: Tue, 25 Sep 2007 15:46:32 -0400
http://www.news.com/8301-10784_3-9784465-7.html

 

September 25, 2007 11:05 AM PDT

TJX agrees to settlement in class action suits

Posted by  <http://www.news.com/8300-10784_3-7.html?authorId=175&tag=author>
Robert Vamosi 

http://i.i.com.com/cnwk.1d/i/bto/20070925/TJX.jpg(Credit: TJX)

The TJX Companies announced on Friday a yet-to-be-finalized settlement for
several class action suits resulting from various data breaches over the
last few years. 

TJX, which operates such discount retail chains as T.J. Maxx and Marshalls
in the U.S. and Winners and HomeSense stores in Canada,
<http://www.tjx.com/class_action.html> is offering claimants two years of
credit monitoring, credit insurance for up to $20,000 in losses, and the
cost of replacing driver's licenses. A second group will receive one or two
$30 vouchers good at any TJX-owned store. 

Additionally, all T.J. Maxx, Marshalls, HomeGoods and A.J. Wright stores in
the U.S. and Puerto Rico and all Winners and HomeSense stores in Canada will
hold a three-day customer appreciation sale sometime in 2008 in which
merchandise will be reduced by 15 percent. 

In a  <http://www.tjx.com/Press%20release%20electronic.pdf> press release
(PDF) associated with the settlement announcement, Carol Meyrowitz, chief
executive of the TJX Companies, said, "We deeply regret any inconvenience
our customers may have experienced as a result of the criminal attack on our
computer system." 

In March,
<http://www.news.com/TJX-says-45.7-million-customer-records-were-compromised
/2100-1029_3-6171671.html> TJX said that up to 45.7 million customers may
have had their credit information compromised. It is believed to be the
largest data security breach ever.

Recently,  <http://www.hackerfactor.com/papers/cc-pos-20.pdf> Neal Krawetz
of Hacker Factor released a report (PDF) citing various vulnerabilities in
how large retail chains, including TJX, collect and store customer credit
card information. You can
<http://reviews.cnet.com/4520-3513_7-6774939-1.html?tag=txt> read more about
Krawetz's findings here or hear
<http://www.news.com/Security-Bites-Podcast-Whats-behind-retail-store-data-b
reaches/2324-12640_3-6208138.html> a podcast interview with him here. 

 



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: