Wednesday, March 28, 2007

TJX Breach Involved 45.7M Cards

Via The Boston Globe.

At least 45.7 million credit and debit card numbers were stolen by hackers who broke into the computer systems at the TJX Cos. in Framingham and the United Kingdom and siphoned off data over a period of several years, making it the biggest breach of personal data ever reported, according to security specialists.

TJX, the Framingham discounter that operates the T.J. Maxx and Marshalls clothing chains, also reported in a regulatory filing yesterday that another 455,000 customers who returned merchandise without receipts had their personal data stolen, including drivers’ license numbers. ‘‘It’s the biggest card heist ever,’’ said Avivah Litan, vice president of Gartner Inc. ‘‘This was obviously done over a long period of time, in many locations. It’s done considerable damage.’’

The filing provided the first detailed accounting on the breach since TJX publicly disclosed the problem in mid-January. TJX spokeswoman Sherry Lang said that about 75 percent of the compromised cards either were expired or had data in the magnetic stripe masked, meaning the data was stored as asterisks, rather than numbers. But the true extent of the damage likely will never be known, Lang said, because of the methods used by the intruder as well as file deletions by TJX done in the normal course of business.

More here.

0 Comments:

Post a Comment

<< Home