Feeds

TJX finds self at bottom of 300-bank pig pile

'Negligent misrepresentation' in data handling has its costs

Securing Web Applications Made Simple and Scalable

Associations representing almost 300 Northeastern banks in the US say they are suing TJX Companies to recover tens of millions of dollars in damages resulting from a data breach that may have exposed more than 45m credit and debit card numbers to thieves. Additional organizations from all over the country are likely to join the suit, which will be heard in federal court in Boston and seeks class action status.

Plaintiffs in the case include the Massachusetts Bankers Associated, the Connecticut Bankers Association and the Main Association of Community Banks. They allege in a press release that the owner of retail outlets including TJ Maxx, Marshalls and HomeGoods is responsible for "dramatic costs" to banks that have been forced to reissue new cards and cover fraudulent purchases drawn on compromised accounts.

"If we're successful against TJX, the nation's major retailers will finally wake up to the fact that not protecting consumer data is an unfair trade practice and that investment in data management systems to protect consumers and shield consumers against fraud and identity theft is required," the president and CEO for one of the plaintiffs said.

TJX first disclosed the breach in January but provided painfully few details. Last month it provided an update that said it lost about 45.6m card numbers to unknown thieves who intruded on the retailing giant's networks over a span of 17 months. Personal information, often including social security numbers, for at least 451,000 individuals was also lifted.

Fraud resulting from the TJX breach has been reported from all over the world, and the plaintiffs say banks to this day continue to receive lists of cards stolen through the heist. In March, authorities in Florida detained at least six individuals suspected of using pilfered account numbers to buy gift cards at Wal-Mart and Sam's Club stores. ®

Mobile application security vulnerability report

More from The Register

next story
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
prev story

Whitepapers

Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.