TJX Security Breach
The TJX Corporation, a major retailer with stores in the United States, Puerto Rico, and even the United Kingdom, experienced one of the largest security breaches. Millions of their customer’s credit and debit card information were stolen over a seventeen-month period. The TJX Corporation announced to the public on February 21, 2007 an unauthorized user had accessed their security system and the sensitive information stored in their system had been compromised. The span of unauthorized access went unnoticed from the first hacking in July of 2005. The usual encryptions, that protect vital information like credit card numbers and accounts, had been broken down by the hacker. The files, as far as 2002, that were accessed were vulnerable to theft. Furthermore, the intruder was not even detected until December of 2006. There was much controversy in the manner the information was made available to the public. The consumers’ whose account information was violated had to learn they were at risk of identity theft from the local news. The millions of T.J. Maxx, Marshalls, HomeGoods, and A.J. Wright costumers’ personal information had been infiltrated by a source that the TJX Corporation was unable to detect for seventeen months and also were unable to determine if the hacker had also interfered in the purchasing process. Aside from the 45.7 million customer information that was exposed to criminals, TJX also had to rebuild their creditability with their customers.
What could have been done to avoid such a massive a breach of security? How many more times could the same problem happen? Can sensitive information be trusted to large corporation who manage millions of accounts? For the millions of customers that relied on holiday shopping at the TJX stores learned that for the past two years, there was a problem with the safety of their information. But why did the TJX Corp not mention something once they learned there...