Some Fraud Resulting From Hacked TJX Data -- Redmond Channel Partner

Some Fraud Resulting From Hacked TJX Data

Bankers association reports that hackers have made fraudulent transactions using hacked TJX customer data.

By The Associated Press
January 24, 2007

(Boston) Customer data stolen from TJX Cos. by computer hackers has been used to make fraudulent debit card and credit card purchases in the United States and overseas, the Massachusetts Bankers Association said. The fraudulent purchases have been made in Florida, Georgia, and Louisiana, and overseas in Hong Kong and Sweden, the association said.

Nearly 60 banks have reported they've been contacted by credit and debit card companies about compromised cards, the association said. The number is likely to grow because fewer than half of the association's 205 banks have reported to it on the issue.

"We expect that this is going to continue and the fraud may widen," said association spokesman Bruce Spitzer. "This is just the first reports we have confirmed."

The state association's report of fraud is among the first in the country since TJX disclosed the breach last week. On Tuesday, the Vermont Bankers' Association said a bank it refused to name had been told by TJX that more than 1,600 of the bank's customers had their account numbers compromised.

Framingham-based TJX -- operator of T.J. Maxx and Marshalls discount stores, as well as HomeGoods and A.J. Wright in the U.S., Winners and HomeSense in Canada, and T.K. Maxx in Britain -- did not immediately return a call seeking comment Wednesday.

Last week, TJX said hackers had broken into a system that handles credit and debit card transactions, as well as checks and merchandise returns for customers in the U.S. and Puerto Rico and may involve customer accounts from the United Kingdom and Ireland.

The company said the stolen customer data included information from 2003 transactions, as well as information from mid-May 2006 through December, when the company discovered the breach. TJX has refused to say how many customers had their data stolen or accessed.

Avivah Litan, a data security analyst for Garter Inc., said it may be difficult for the company to determine the scope of the breach because the thieves had a lot of time to sell and circulate the information before the hack was discovered.

"They can't put a wall around it," she said. "That's what so disconcerting about it."

Credit card companies have noted that consumers are not responsible for fraudulent purchases. Spitzer said state banks are notifying customers about fraudulent purchases and reissuing cards in some cases.

Spitzer said it's too early to know the number of fraudulent purchases, or their costs. But he said the cost to banks of reissuing hundreds of thousands of cards alone will be "enormous."

Free Webcast! Learn about Password Management Best Practices

Featured

As Windows Phone Support Ends, Microsoft Steers Users Toward Integrated Office App

The Excel, OneNote PowerPoint and Word applications for the Windows 10 Mobile operating system will lose support on Jan. 12, 2021, Microsoft announced recently.
The 2019 Microsoft Product Roadmap

From the next major update to Windows 10 to the next generation of HoloLens, here's what's on tap from Microsoft this year.
2019-2020 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.
Microsoft Starts Rollout of Endpoint Configuration Manager Update 1910

The rollout of Update 1910 for Microsoft Endpoint Configuration Manager, formerly known as "System Center Configuration Manager" (SCCM), has begun.

RCP Update

Email Address:

Country

Terms and Privacy Policy consent

Yes, I agree No, I don't agree

I agree to this site's Privacy Policy.