Breach following day, TJX hired General Dynamics Corp.
Breach of Data at TJX is called the Biggest Ever In the past, all we had to worry about was our wallet full of cash getting stolen. With so many technological advances, we now have to worry about our credit card numbers, driver’s license information, and social security numbers getting stolen. People are afraid to give out credit card information and their social security number at places that actually need the information for fear of being a victim of identity theft.
In recent years, we have heard of several people being victims of identity theft and it happening due to security breaches and people hacking into businesses and stealing personal identification. One of the biggest security breaches of all time is the hacking of TJX Cos. I remember hearing about the TJX breach and how catastrophic it was. TJX Cos is the discounter that operates the T.
J. Maxx and Marshalls chains all over the world. On December 18, 2006, the company learned of suspicious software on its computer.The following day, TJX hired General Dynamics Corp. and IBM Corp. to investigate and by December 21, they resolved that a hacker had broken into the computer systems and had remained active there. The software that was put onto the computers stole at least 100 files that contained data on millions of accounts from systems that process and store transaction information in Framingham and Watford, United Kingdom (Abelson, 2007).
The article stated:TJX believes the hackers last year had the capability to steal payment card data from its Framingham system as transactions were being approved. Even the files TJX tried to protect through encryption may have been compromised because the company believes the hackers had access to the decryption tool. (Abelson, 2007) It was estimated that 45. 7 million credit and debit card numbers were stolen over several years, first accessed on July 2005 and on subsequent dates in 2005 and then from mid-May 2006 to mid-January 2007 but no data was stolen after December 2006.The hacking was not announced to the public until January 13, 2007 and on March 28, 2007 TJX sent letters to the 455,000 customers whose driver’s license numbers, state identification numbers, or military identification numbers and names and addresses were believed to have been stolen. The company offered credit monitoring for customers whose driver’s license numbers or state identification numbers are the same as their Social Security numbers (Abelson, 2007).
This all came following the release of information that thieves were arrested in Florida and were charged with using stolen credit card numbers from TJX to buy more than $8 million worth of gift cards and electronics. The breach cost TJX at the time of the article $5 million for the investigation and new security for the computers but they could not yet estimate the total losses (Abelson, 2007). This was said to be one of the largest security breaches at this time and that the perpetrators committed the perfect crime.Like I stated earlier, I remember hearing about this security breach. I remember being scared that me or someone I knew would be a victim.
It was not until I knew that they were in charge of the accounts for Marshall’s and T. J Maxx stores that I could breathe a sigh of relief because I knew I did not shop at those stores and neither did anyone I knew. I think that TJX needs to have a better security team watching over their system and better security software to prevent future hacking.
They did not find the security breach until almost two years after it was first accessed. Since they got access to the encrypted files because they believed they had access to the decryption tool makes me wonder if it was an inside job. Offering credit monitoring for the customers’ whose information was compromised was a very commendable and appropriate act to help assuage the effect of the situation. As a customer I know this would help me to feel a little more relieved.About 2 years ago, I had to get a new debit card issued, as did several hundreds of thousands of other people all over the United States because of a security breach that my bank alone estimated to cost them over $80,000 to issue the new cards plus the cost of manpower to contact all the customers affected, so I can only imagine how these people felt. As a customer we can all use the upmost care in keeping our cards and identification numbers confidential but with so many technological advances that is no longer going to be enough.With so much internal hacking of businesses and the hacking of such confidential information, businesses need to make sure they take extreme precaution and security measures to protect the data and make their customers feel comfortable with giving out such personal information.
References Abelson, J. (2007, March 29). Breach of data at TJX is called the biggest ever.
Boston Globe. Retrieved May 8, 2010, from http://www. boston. com/business/globe/articles/2007/03/29/breach_of_data_at_tjx_is_called_the_biggest_ever/