Picture of TK Maxx shop
Retailer is victim of fraud

TK Maxx confirms theft of millions of credit card details

World's largest theft went undetected for 16 months

Written by Dave Friedlos

Computing, 30 Mar 2007

Retailer TK Maxx says hackers stole credit and debit card details belonging to over 45 million customers in an attack on the computer systems of its parent company TJX.

Transaction details from January 2003 to June 2004 were accessed, but the full extent of the theft is unknown, Computing revealed earlier this year (January 2007).

TJX has admitted that data was accessed from its systems in Watford, Hertfordshire and Massachusetts over a 16-month period from July 2005 to December 2006.

The company confirmed information had been stolen from 45.6 million cards used in the UK and US between January and November 2003. However it does not know how many details have been stolen from November 2003 to June 2004.

It is the world’s largest theft of credit card details and was undetected until December last year. Two files were also stolen and TJX may never know what was in those files.

Some customers of TK Maxx’s 210 shops have reported that their credit card details have already been used to make fraudulent transactions.

TJX is working with General Dynamics and IBM to investigate the breach and boost security, says chief executive Carol Meyrowitz.

‘Given the nature of the breach, the size and international scope of our operations and the complexity of the way credit card transactions are processed, the evaluation is, by necessity, taking time,’ she said.

‘With the help of computer security experts, we have strengthened the security of our computer systems and we believe customers should feel safe shopping in our stores.’

But it is urging customers to monitor their credit and debit card statements and for suspicious transactions.

David Roberts, chief executive of The Corporate IT Forum, said at the time the attack was first revealed that TK Maxx may have underinvested in systems to protect information.

‘I do not know of any other retailer that has suffered a similar attack in recent years. It will require a major revision to ensure its systems are foolproof,’ he said.

Roberts says e-crime is a growing threat, and any theft of credit and debit card information could pose damage a retailer’s reputation.

reader comments

related articles

Picture of clothing model

TK Maxx loses payment details

Customers are urged to check statements for fraudulent use of account data following attack 25 Jan 2007

 

Bank victim of record phishing strike

£600,000 stolen in long term phishing attack 19 Jan 2007

PayPal tackles UK phishing concerns

Optional two-factor authentication system to be provided for users 01 Feb 2007

Review 2007: IT security and e-crime

Computing's review of the year looks back at the top IT security and cybercrime stories 20 Dec 2007

2007 Roundup: Data loss hits the headlines

Nationwide, Halifax, TK Maxx, HMRC and many, many more to blame 24 Dec 2007

Security

TK Maxx ruling prompts sales pitch

VARs urged to watch for retail sector security sales opportunities 14 Aug 2008

related whitepapers

today's top stories

Security

Technology and privacy

Watch part one of a two-part Computing roundtable debate on the importance of putting data privacy issues at the heart of your IT plans 01 Dec 2008

The Industry View

Got the Knowledge?

Last week the civil service published a new strategy to help government seize the opportunities and meet the challenges of managing knowledge... 01 Dec 2008

Communications

Q&A - ntl:Telewest Business managing director Stephen Beynon

The cable provider's chief talks about the future of next-generation broadband access in the UK 28 Nov 2008

Management

Computing podcast - Standard Life's offshoring plans; and the prospects for government IT

The insurance giant outlines its new outsourcing strategy; and we ask if the government's economic bailout will affect its IT plans 28 Nov 2008

Talking Outsourcing

India will remain open for business - but that's not the real story

One of the duties I have to fulfil as a director of the National Outsourcing Association is to talk to the media... 28 Nov 2008

> More news

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Advertisement

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Will the terrorist attacks in Mumbai affect your offshoring plans?

Will the terrorist attacks in Mumbai affect your offshoring plans?

Is India becoming a risky destination?

Previous poll results

> More polls

Latest audio and video articles

Padlocked CDVideo

Technology and privacy

Watch part one of a two-part Computing roundtable debate on the importance of putting data privacy issues at the heart of your IT plans 01 Dec 2008

Podcast imageAudio

Computing podcast - Standard Life's offshoring plans; and the prospects for government IT

The insurance giant outlines its new outsourcing strategy; and we ask if the government's economic bailout will affect its IT plans 28 Nov 2008

> More audio and video

Latest in-depth articles

ntl:Telewest's Stephen BeynonAnalysis

Q&A - ntl:Telewest Business managing director Stephen Beynon

The cable provider's chief talks about the future of next-generation broadband access in the UK 28 Nov 2008

cowboyFeatures

Guns for hire

David Neal explores the world of interim CIOs and discovers why more firms are turning to them to spur on IT-led change 27 Nov 2008

> More in depth articles

Advertisement

Primary Navigation