Eleven Charged In Massive TJX Data Loss... But Many Are Still Overseas
from the this-is-hardly-over dept
We've had numerous posts about the massive (some say the largest ever) data breach by TJX, parent company of retailers like TJ Maxx and Marshalls. So, it's certainly worth mentioning the story making headlines that the "culprits" of the breach have been charged in the case, but it shouldn't exactly put your mind at ease about these breaches. After all, the credit card info they accessed (over 40 million cards by most accounts) is still out there, though many card holders have already changed their numbers. But, more importantly, it sounds as though most of those responsible aren't in the US at all and are basically sitting free in Eastern Europe and Asia. Hell, one of those "charged" is only known by his online username, with no indication where he might be located. So, yes, it's good that the feds tracked down some of the folks responsible, but most of them are probably still out there getting access to the credit cards your provider sent you to replace the ones compromised by these guys in the first place.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: credit card theft, data breach, organized crime
Companies: tjx
Reader Comments
Subscribe: RSS
View by: Time | Thread
credit card
A better system needs to be implemented that will prevent massive frauds of this kind. The paypal system should be the proper format for this type of system. This might be combined with some bio information like a finger print. It is a great opportunity for a new security business
[ link to this | view in chronology ]
Retailers usually take the hit
Any credit card user that actually follows the transactions, is highly unlikely to suffer any consequences due to CC fraud.
999/1000 it's the merchants that take the hit.
[ link to this | view in chronology ]
Re: Retailers usually take the hit
[ link to this | view in chronology ]
Re: Retailers usually take the hit
[ link to this | view in chronology ]
Re: Retailers usually take the hit
[ link to this | view in chronology ]
[ link to this | view in chronology ]
How'd It Happen?
Think of the breach like this - what would the reaction be if the architectural firm that designs the stores didn't include locks for the doors? Do you think there would be hell to pay from the corporate management?
In cities all over the US war driving is practiced everyday by young geeks. I've even tried it myself, and I'm 55!. Turn on the laptop, fire up Netstumbler and see who's left their network wide open. Is it so hard to understand how serious leaving an unsecured network open is?
TJX should pay every last penny for this breach, as should ANY business that allows this to happen.
[ link to this | view in chronology ]
Re: How'd It Happen?
What IT management? Have you ever seen a tech at any of these stores? Maybe that was the problem. There was NO IT telling these people that wireless is NOT secure. Just someone who got contracted to put up what the customer wants how they want it.
[ link to this | view in chronology ]
That's a bad idea. I already have enough trouble getting my order correct by the current staff.
[ link to this | view in chronology ]
My main bank account - without a debit card, is as close to inaccessible as it can get. It's easy to just stop at the bank, make a withdrawal and use a pre-paid card for online purchases. I'm not really paranoid at all, just think it's silly to trust computers too much.
If the hacker has my credit card number - he'll have to add money to it first, before he can use it :)
[ link to this | view in chronology ]
Re:
The more we can do to prevent these types of crime ... the better off we ALL are in the long run. And in some cases that might mean saying I will not use your wireless Interact machine because I don't know how secure your network is.
[ link to this | view in chronology ]
Debit Cards
If someone manages to steal your REAL credit card number the liability to the individual is minimal or nill, but if they get your debit card number (even if your bank reimburses you) it could still be a huge PITA.
That aside, credit card companies are aware of this kind of fraud but promote cc use so heavily because even w/some fraud and loss they make so much in interest and fees it more than covers it.
[ link to this | view in chronology ]
Re: Debit Cards
[ link to this | view in chronology ]
over-reaction
[ link to this | view in chronology ]