Feeds

TJX takes $118m hit over massive security breach

$2.60 each for exposed credit card

The Power of One eBook: Top reasons to choose HP BladeSystem

TJX, the American retail giant, has set aside $118m to cover costs and potential liability arising from a security breach to its database systems.

Crooks gained access to 45.6m credit and debit card records during the breach, which lasted 17 months between July 2005 and January 2007. TJX's $118m after-tax cash charge for Q2 2008 includes $11m in security consultancy fees and other expenses directly related to the attack and a contingency fund of $107m to cover liability payments arising from pending lawsuits.

In addition, TJX expects to chalk up non-cash charges of approximately $21m for FY2009.

The funds set aside by TJX are a fraction of the $1bn-plus losses estimated by analyst firms, and much less than guesstimates from security consultancies, who have a clear axe to grind in talking up the financial impact of security breaches. Tellingly, investors haven't marked down TJX share price significantly in the expectation of major losses down the road.

TJX announced the impact of the intrusions into its systems on its bottom line as it announced Q2 2008 results. Net sales for Q2 2008 were up nine per cent to $4.3bn, resulting in an income of $59m. ®

Designing a Defense for Mobile Applications

More from The Register

next story
DARPA-derived secure microkernel goes open source tomorrow
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.