|
||
Research and retrieval of news articles by: SPECIAL NOTE TO ALL VISITORS: |
TJX SAYS 45 MILLION CREDIT CARDS HACKEDSource: Newsfactor.comPosted on April 4, 2007 On January 17, the discount retailer TJX reported that its computer system had been hacked and that the intruders obtained access to financial information and driver's licenses dating back as far as 2003. At the time, the company did not disclose the extent to which its customer information had been compromised. TJX, a publicly traded company that operates more than 2,500 stores, filed its annual report with the Securities and Exchange Commission (SEC) last week, and for the first time provided some preliminary details on the extent of the theft. "Based on our investigation to date," the company wrote, "we believe that our computer systems were first accessed by an unauthorized Intruder in July 2005, on subsequent dates in 2005 and from mid-May 2006 to mid-January 2007, but that no customer data were stolen after December 18, 2006." The company said that it thinks that the intruders stole information relating to transactions between December 31, 2002 and June 28, 2004, and that at least 45 million credit and debit cards were used in transactions during the first 12 months of that time frame. Final Tally UncertainDue to its corporate data-handling procedures, TJX might never know precisely how much consumer information was lost. "Prior to discovery of the computer intrusion, we deleted in the ordinary course of business the contents of many files that we now believe were stolen," TJX told the SEC. "In addition, the technology used by the Intruder has, to date, made it impossible for us to determine the contents of most of the files we believe were stolen in 2006." For Marc Rotenberg, Executive Director of the Electronic Privacy Information Center, the TJX hack is a clarion call for change. "The current system just isn't working," Rotenberg said. "It's becoming clear that security breaches and identity theft are growing out of control." Rotenberg noted that several bills are pending before Congress that would improve the protection of consumer data, and suggested that perhaps the TJX theft might spur Congress to act. Retailer Liability?Even if Congress doesn't act, Rotenberg said, retailers will face pressure from both consumers and card-issuing banks to do a better job protecting financially sensitive data. "This could cripple the world of electronic commerce," Rotenbeg said. "If a big enough pool of credit card numbers can't be relied upon for transactions - and there have already been several reports of these numbers being used around the world -- then it undercuts the entire credit card system." Rotenberg pointed out that, traditionally, the issuing banks and financial institutions have taken the losses when credit card numbers are stolen and misused, but he suggested that they might be running out of patience. "Banks are now saying that if companies collect credit card and other personal information," Rotenberg said, "then they must take a more aggressive role in protecting that information and accept some of the losses when they don't do so."
E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes. |
ALERT WebTrust Is Your Best Defense Against Privacy Breaches. Get WebTrust Working For Your Site. |