Hacked personal information from Marshalls, T.J. Maxx parent company used in fraudulent purchases

Share this article:

Personal information stolen from the databases of TJX Companies has been used in fraudulent credit card purchases in the United States and abroad, according to one banking organization.

The Massachusetts Bankers Association (MBA) reported this week that criminals have used the private data for acquisitions in Florida, Georgia, Louisiana, Hong Kong and Sweden.

TJX, based in Framingham, Mass. said last week in a statement that the extent of the breach was unknown, but hackers may have been stealing private information for up to three years before their actions were detected last month.

The breach affects credit card, debit card, check and merchandise return transaction information for customers of T.J. Maxx, Marshalls, Homegoods and A.J. Wright stores in the U.S. and Puerto Rico and Winners and HomeSense stores in Canada.

The incident also may affect customers of Bob’s Stores in the U.S. and T.K. Maxx in the United Kingdom and Ireland.

Daniel J. Forte, MBA president and CEO, said Wednesday in a statement that the reports of fraudulent purchases could lead to phishing attacks.

"(Criminals) may want to confirm your personal information, anything that could be matched with what they already have and then, upon getting it, steal your identity with the ability to open new accounts, apply for credit and more," he said.

Nearly 60 banks have told the MBA that they’ve been contacted by credit card companies about compromised cards. That number is likely to grow higher, according to the MBA.

Ben Cammarata, TJX chairman and acting CEO, said last week in a statement that the company has alerted law enforcement officials and information security experts and an investigation is underway. He also advised customers to take measures to safeguard their personal information.

Click here to email Online Editor Frank Washkuch Jr.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Researchers observe more than a hundred connections to 'Backoff' sinkhole

Researchers with Kaspersky Lab were able to sinkhole two command-and-control servers used by certain Backoff point-of-sale malware samples.

Judge lifts stay but Microsoft won't hand over emails during appeal

A judge has lifted a suspension of a previous order compelling Microsoft to hand over customer emails stored on a server in Ireland.

Home Depot investigates possible payment card breach

Home Depot investigates possible payment card breach

Home Depot said on Tuesday that it is working with its banking partners and law enforcement to investigate a possible data breach.