Picture of clothing model

TK Maxx loses payment details

Customers are urged to check statements for fraudulent use of account data following attack

Written by Dave Friedlos and Tom Young

Computing, 25 Jan 2007

Retailer TK Maxx has warned UK customers that their credit and debit card details may have been stolen in a hacking attack on the computer systems of its parent company TJX.

TJX says the attack occurred in December, but, on the advice of investigative authorities, only alerted customers last week.

The intrusion hit systems that manage customer transactions such as credit card, debit card and refunded transactions. TJX has identified some information that has been stolen, but the full extent of the theft is unknown.

Chairman Ben Cammarata says information on transactions made between May and December last year may have been accessed and is advising customers to review bank and credit card statements carefully.

‘Since discovering this crime we have been working to protect customers and strengthen the security of our systems,’ he said.

TJX is working with General Dynamics and IBM to boost security and says a containment plan will prevent further intrusions.

David Roberts, chief executive of The Corporate IT Forum, says it appears the retailer may have underinvested in systems to protect information.

‘I do not know of any other retailer that has suffered a similar attack in recent years. It will require a major revision to ensure its systems are foolproof,’ he said.

Roberts says ecrime is a growing threat, and any firm that stores credit and debit card information is a target and faces severe damage to their reputation.

Just last week, Sweden’s largest bank Nordea suffered the biggest internet fraud in history. More than eight million kronor (£600,000) disappeared in three months as a result of tailor-made Trojans, affecting 250 customers.

Gartner security analyst Jay Heiser says informing customers immediately of breaches would not necessarily help as many individuals do not know what to do when notified that their information has been lost. ‘But if firms were forced to disclose information about breaches sooner there would be an incentive to improve security,’ he said.

What do you think? Email us at feedback@computing.co.uk

Further reading

Bank victim of phishing strike

Publicise the phishing facts

International phishing gang arrested

reader comments

related articles

 

Review 2007: IT security and e-crime

Computing's review of the year looks back at the top IT security and cybercrime stories 20 Dec 2007

Review 2007: IT in financial services

Computing looks at the big stories in financial services IT in our review of the past year 18 Dec 2007

Security

TK Maxx ruling prompts sales pitch

VARs urged to watch for retail sector security sales opportunities 14 Aug 2008

related whitepapers

today's top stories

The Big Picture

Learning from the credit crunch to avoid a broadband crunch

While it might be the most pressing issue de jour , the financial system isn’t the only area where government needs to... 10 Oct 2008

Management

How careerism can warp IT procurement

Many working in IT put their career interests before those of their employer when weighing up purchasing options 10 Oct 2008

Management

City in pressing need of skilled IT matchmakers

With the financial services sector plunging ever deeper into an M&A maelstrom, IT leaders are having their systems integration skills and due diligence expertise tested as never before 09 Oct 2008

Software

The definitive guide to software development

Five key trends and five best practice tips to help you improve your programming capabilities 09 Oct 2008

Management

Computing podcast - IT implications of the banking crisis, and the FSA clamps down on IT security

We discuss the effect of shotgun mergers and acquisitions on financial services IT staff, and examine the industry regulator's plan to fine directors for information security breaches 09 Oct 2008

> More news

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job


IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Would you apply for a job that was advertised on Facebook or a similar social networking site?

Would you apply for a job that was advertised on Facebook or a similar social networking site?

The government is using Facebook to recruit IT staff - would you apply to such an ad?

Previous poll results

> More polls

Latest audio and video articles

programming codeVideo

The definitive guide to software development

Five key trends and five best practice tips to help you improve your programming capabilities 09 Oct 2008

Podcast imageAudio

Computing podcast - IT implications of the banking crisis, and the FSA clamps down on IT security

We discuss the effect of shotgun mergers and acquisitions on financial services IT staff, and examine the industry regulator's plan to fine directors for information security breaches 09 Oct 2008

> More audio and video

Latest in-depth articles

Financial Services Authority buildingAnalysis

FSA threatens executives with fines

Senior management to be held accountable for security lapses at banks 09 Oct 2008

Comment

Broadband must be a spending priority

For the economic health of the nation, the government would do better to bankroll an optical fibre rollout rather than prop up profligate banks 09 Oct 2008

> More in depth articles

Advertisement

Primary Navigation