Visa fines TJX credit card processor

Share this article:

Visa has doled out some $880,000 in fines to a Cincinnati-based acquiring bank that retail chain TJX contracted with to process most of its credit card transactions.

Fifth Third Bank was not following proper security guidelines related to the Payment Card Industry Data Security Standard (PCI DSS), according to court filings from a group of banking associations suing TJX over the breach.

TJX likely will bear the financial burden because, in most cases, the acquiring bank passes the fine down to the offending retailer.

A spokeswoman for Fifth Third, which has been named in the lawsuit brought by the banks against TJX, declined to comment because of the pending litigation. A Visa spokesman also declined comment.

The Framingham, Mass.-based parent of Marshalls and T.J. Maxx, admitted in January that some 45.7 million credit card numbers were exposed to hackers.

Last week, the filing stated that 94 million accounts were actually compromised. TJX disputes those findings and has said that 95 percent of the card numbers were expired when the breach was revealed.

The fines, according to an official letter from a Visa executive to Fifth Third, would be distributed in two parts.

One fine, for $500,000, was assessed "due to the seriousness of this security incident and the impact on the Visa system," according to a Boston Globe report today. The other fine, for $380,000, was assessed for "TJX's failure to cease storing prohibited data."

Visa announced last week that it has begun fining level-one merchants — those who process more than six million credit card transactions each year — $25,000 per month if they fail to comply with the PCI standard.

Liz Oesterle, government relations counsel for the National Retail Federation, an industry lobby that represents 1.6 million stores, said TJX also faces additional penalties from the payment brands related to fraud and card reissuing costs.

"TJX is going to get a big, fat bill from Visa and MasterCard," she told today.


Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.