FTC launches probe into TJX data breach

Share this article:

Coming as no surprise, the Federal Trade Commission has opened an investigation into the recent data breach at discount clothing retailer TJX, in which potentially millions of customers' payment information was accessed by crooks.

"I can confirm the (FTC) has an investigation," agency spokeswoman Claudia Bourne Farrell told SCMagazine.com today, adding that she could not further comment on details of the probe.

A spokeswoman at Framingham, Mass. TJX, parent company of well-known retailers T.J. Maxx and Marshalls, did not return a telephone call seeking comment.

Last month, the company said investigators determined its network was also breached in July 2005 and later that year. When the company first reported the breach in January, it believed intrusions were confined to May to December 2006.

In addition, the company said credit and debit card transactions completed between January 2003 and June 2004 at its U.S., Puerto Rican and Canadian outlets were compromised. TJX previously reported that the data was "potentially" accessed.

The company also said it has discovered evidence that the portion of its network that processes T.K. Maxx transactions may have also been hacked. T.K. Maxx stores are located in the U.K. and Ireland.

Since the watershed 2005 Choice Point incident, in which cyberthieves posing as real customers of the data aggregation firm stole the personal information of 163,000 people, the FTC has wielded a big stick in its crackdown on shoddy information security practices.

In the Choice Point matter, where 1,400 fraud victims since have been identified, the FTC slapped the company with a $15 million penalty.

Click here to email reporter Dan Kaplan.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.