News Stay informed about the latest enterprise technology news and product updates.

TJX admits losing credit card data to crackers

A December attack breached an unspecified number of customer records from a number of TJX stores in the U.S., Canada, Puerto Rico and Ireland.

TJX Companies, Inc., the parent company of T.J. Maxx, Marshalls and other discount stores said Wednesday that part of its transaction system had been breached by attackers who stole an unspecified amount of customer data.

The company said it discovered in December that an attacker had used discovered and exploited a flaw in the system it uses to handle credit cards, debit cards, check and merchandise returns.

The company asked investigators not to immediately reveal the incident, which involved data on customers who shopped between 2003 and December of 2006 at T.J. Maxx, Marshalls, HomeGoods and A.J. Wright stores in the U.S. and Puerto Rico and possibly the U.K. and Ireland. U.S.-based customers of Bob's Stores, which TJX also owns, could also be affected.

A TJX spokesperson said the losses involved a "relatively small number" of customers, who the company will contact directly. TJX has hired General Dynamics Corp. and IBM to assess the loss and secure its systems.

The original version of this story was published on sister site

Dig Deeper on Cybersecurity risk assessment and management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.