funsec mailing list archives
The latest news on the TJX mess
From: <rms () computerbytesman com>
Date: Tue, 25 Sep 2007 15:46:32 -0400
http://www.news.com/8301-10784_3-9784465-7.html September 25, 2007 11:05 AM PDT TJX agrees to settlement in class action suits Posted by <http://www.news.com/8300-10784_3-7.html?authorId=175&tag=author> Robert Vamosi http://i.i.com.com/cnwk.1d/i/bto/20070925/TJX.jpg(Credit: TJX) The TJX Companies announced on Friday a yet-to-be-finalized settlement for several class action suits resulting from various data breaches over the last few years. TJX, which operates such discount retail chains as T.J. Maxx and Marshalls in the U.S. and Winners and HomeSense stores in Canada, <http://www.tjx.com/class_action.html> is offering claimants two years of credit monitoring, credit insurance for up to $20,000 in losses, and the cost of replacing driver's licenses. A second group will receive one or two $30 vouchers good at any TJX-owned store. Additionally, all T.J. Maxx, Marshalls, HomeGoods and A.J. Wright stores in the U.S. and Puerto Rico and all Winners and HomeSense stores in Canada will hold a three-day customer appreciation sale sometime in 2008 in which merchandise will be reduced by 15 percent. In a <http://www.tjx.com/Press%20release%20electronic.pdf> press release (PDF) associated with the settlement announcement, Carol Meyrowitz, chief executive of the TJX Companies, said, "We deeply regret any inconvenience our customers may have experienced as a result of the criminal attack on our computer system." In March, <http://www.news.com/TJX-says-45.7-million-customer-records-were-compromised /2100-1029_3-6171671.html> TJX said that up to 45.7 million customers may have had their credit information compromised. It is believed to be the largest data security breach ever. Recently, <http://www.hackerfactor.com/papers/cc-pos-20.pdf> Neal Krawetz of Hacker Factor released a report (PDF) citing various vulnerabilities in how large retail chains, including TJX, collect and store customer credit card information. You can <http://reviews.cnet.com/4520-3513_7-6774939-1.html?tag=txt> read more about Krawetz's findings here or hear <http://www.news.com/Security-Bites-Podcast-Whats-behind-retail-store-data-b reaches/2324-12640_3-6208138.html> a podcast interview with him here.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- The latest news on the TJX mess rms (Sep 25)
- <Possible follow-ups>
- Re: The latest news on the TJX mess Gregory Hicks (Sep 25)