Article

TJX profit takes hit over data breach

SearchSecurity.com Staff

The massive security breach at TJX Companies Inc. that exposed more than 45 million customers to identity fraud is hitting the bottom line big-time, if the company's second-quarter earnings

    Requires Free Membership to View

report is any indication.

The Framingham, Mass.-based retail giant acknowledged it has spent $256 million dealing with the breach, which was first disclosed in January. That's more than 10 times the $25 million figure TJX cited in May.

Data security breach:
Survey: Data breaches difficult to spot, prevent: IT pros worry that false positives and a lack of resources are preventing them from blocking data breaches, according to a survey conducted by the Ponemon Institute.

Black Hat 2007: New database forensics tool could aid data breach cases - Database security researcher, David Litchfield of UK-based NGS Software will release a free Forensic Examiners Database Scalpel, he says could aid data breach investigations.

PCI DSS auditors see lessons in TJX data breach: Following the recent TJX data breach, several PCI Data Security Standard auditors say the retailer violated basic requirements of the PCI DSS. But they say there are lessons to be learned.

TJX said the expenses went into battening down its computer system and responding to a growing list of investigations and lawsuits against it.

According to TJX's latest earnings report, costs related to the data theft in the second quarter bit into TJX's profit by $118 million. Still, TJX said, strong sales continued during the same period, which it cited as proof that customers aren't walking away.

TJX has acknowledged that at least 45.7 million credit and debit cards were stolen over an 18-month period by hackers who managed to penetrate its network. The company gave a tally of the damage in a regulatory filing with the Securities and Exchange Commission (SEC) in March, and also acknowledged that another 455,000 customers who returned merchandise without receipts were robbed of their driver's license numbers and other personal information.

The attackers reportedly began their assault on TJX by exploiting Wi-Fi weaknesses at a Marshalls clothing store near St. Paul, Minn. Investigators believe the thieves aimed a telescope-shaped antenna at the store and used a laptop to snatch data transmitted between hand-held price-checking devices, cash registers and the store's computers. The exploit eventually led them into the central database of TJX, where they would repeatedly rob the system of sensitive customer data.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: