TJX Data Breach Investigation Reveals More Exposure

The TJX data breach has been widely reported on, including by us. This serious security breach exposed the private information of many of The TJX Companies' customers. TJX said that the breach affected credit card, debit card, check, and merchandise return transactions.

This week, the company reported that the breach was more severe than it had originally detected. A company spokesperson said that "while \[we\] previously believed that the intrusion took place only from May 2006 to January 2007, TJX now believes its computer system was also intruded upon in July 2005 and on various subsequent dates in 2005. TJX continues to believe there was no compromise of customer data after mid-December 2006."

TJX also said that it believes credit and debit card transactions conducted from January 2003 through June 2004 at its US, Puerto Rico, and Canada stores were compromised. Other information that was exposed includes drivers license data from "unreceipted merchandise returns" made at T.J. Maxx, Marshalls, and HomeGoods stores in the US and Puerto Rico during the last four months of 2003, and May and June of 2004.

The company established a hotline for customers with questions. People in the US can call 866-484-6978, Canadians can call 866-903-1408, and people in the UK and Ireland can call 0800 77 90 15.

"We are dedicating substantial resources to investigating and evaluating the intrusion which, given the nature of the breach, the size and international scope of our operations, and the complexity of the way credit card transactions are processed, is, by necessity, taking time," said Carol Meyrowitz, president and CEO of The TJX Companies.

"We have a very large team of people working on the investigation. For example, the leading computer security experts working with us have over 50 experts committed to this project. Additionally, with their help, we have strengthened the security of our computer systems. Based on everything we have done, I believe customers should feel safe shopping in our stores. We value our customers' trust and I want our customers to know that I am deeply committed to continuing to address the security of our computer systems, and that TJX will provide periodic updates as we learn more, Meyrowitz concluded.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.