Visa fines TJX credit card processor

Share this article:

Visa has doled out some $880,000 in fines to a Cincinnati-based acquiring bank that retail chain TJX contracted with to process most of its credit card transactions.

Fifth Third Bank was not following proper security guidelines related to the Payment Card Industry Data Security Standard (PCI DSS), according to court filings from a group of banking associations suing TJX over the breach.

TJX likely will bear the financial burden because, in most cases, the acquiring bank passes the fine down to the offending retailer.

A spokeswoman for Fifth Third, which has been named in the lawsuit brought by the banks against TJX, declined to comment because of the pending litigation. A Visa spokesman also declined comment.

The Framingham, Mass.-based parent of Marshalls and T.J. Maxx, admitted in January that some 45.7 million credit card numbers were exposed to hackers.

Last week, the filing stated that 94 million accounts were actually compromised. TJX disputes those findings and has said that 95 percent of the card numbers were expired when the breach was revealed.

The fines, according to an official letter from a Visa executive to Fifth Third, would be distributed in two parts.

One fine, for $500,000, was assessed "due to the seriousness of this security incident and the impact on the Visa system," according to a Boston Globe report today. The other fine, for $380,000, was assessed for "TJX's failure to cease storing prohibited data."

Visa announced last week that it has begun fining level-one merchants — those who process more than six million credit card transactions each year — $25,000 per month if they fail to comply with the PCI standard.

Liz Oesterle, government relations counsel for the National Retail Federation, an industry lobby that represents 1.6 million stores, said TJX also faces additional penalties from the payment brands related to fraud and card reissuing costs.

"TJX is going to get a big, fat bill from Visa and MasterCard," she told today.


Share this article:

Sign up to our newsletters

More in News

With RATs at their disposal, 419 scammers target businesses

With RATs at their disposal, 419 scammers target ...

A new report reveals how Nigeria's 419 scammers are spreading malware to pocket business funds.

InfoSec pros worried BYOD ushers in security exploits, survey says

InfoSec pros worried BYOD ushers in security exploits, ...

A study by the Information Security Community on LinkedIn found most organizations don't have proper polices and support for BYOD.

Six charged in global StubHub scheme, company defrauded out of $1 million

Six charged in global StubHub scheme, company defrauded ...

Manhattan DA Cyrus Vance announced on Monday that six individuals are charged for their roles in a global scheme that defrauded StubHub out of $1 million.