TJX Encryption, Data Retention Details Trickle Out
A Ziff Davis Internet article by Evan Schuman, via eWeek, reports that:
TJX is still retaining customer data for far too long—months—and for the wrong reasons, although it's current wireless efforts appear adequate, according to a report issued Sept. 25 by the Office of the Privacy Commissioner of Canada and the office of the Information and Privacy Commissioner of Alberta.More here.
The report shed light on a few details of the TJX situation, but it didn't answer the critical questions of how it happened. Reports have focused on a wireless hack and on breaking into a job application kiosk.
The Canadian report made a cursory reference to the wireless effort, but couched it by saying that "TJX informed us that the intruder may have gained entry into the system outside of two stores in Miami, Florida." If taken literally, that says little, other than wireless access is still one of the main theories of TJX. The report mentioned nothing about any other theories.
The only new detail is the reference to Miami. Prior reports—beginning with a May report in the Wall Street Journal—had fairly consistently placed the point of wireless penetration in St. Paul, Minn. But with no specifics as to the method used, those details are relatively meaningless.
0 Comments:
Post a Comment
<< Home