24 February 2018
Visit www.avoka.com

TJX agrees $9.75m settlement with US states

25 June 2009  |  4865 views  |  0 cash

Retail giant TJX has agreed to pay around $9.75 million as part of a settlement with a group of 41 state attorneys general investigating the massive security breach at its operations that resulted in the theft of millions of credit and debit card numbers.

Under the settlement, TJX will pay $5.5 million and provide $2.5 million to establish a new data security fund for use by the states to advance effective security and technology. A further $1.75 million will be paid to cover the costs of the investigations.

In addition, the company has to certify that its computer system meets detailed data security requirements specified by the states as well as "encourage" the development of new technologies to address "systemic vulnerabilities" in the US card system.

In a statement, the firm says it believes it did not violate any consumer protection or data security laws and decided to settle in order to concentrate on its core business "without distraction".

Jeffrey Naylor, chief financial and administrative officer, TJX Companies, says: "Under this settlement, TJX and the Attorneys General have agreed to take leadership roles in exploring new technologies and approaches to solving the systemic problems in the US payment card industry that continue to plague businesses and institutions and that make consumers in the United States worldwide targets for increasing cyber crime."

TJX says the cost of the settlement was reflected in a reserve it established in 2007.

The company has already reached a $40.9 million settlement with Visa and a $24 million deal with MasterCard over the breach. It has also settled with the Federal Trade Commission, requiring it to submit to an independent security audit every two years for the next 20 years.

TJX originally revealed on 17 January 2007 that the computer system it uses to process and store data relating to customer transactions had been hacked, potentially exposing millions of credit and debit card numbers.

Hackers placed unauthorised software on TJX's computer network and stole at least 100 files containing data on millions of accounts from systems in Framingham, Massachusetts and Watford, UK.

Debit and credit card data exposed in the breach is thought to have been used to make fraudulent purchases in Florida, Georgia and Louisiana in the US, as well as in Hong Kong and Sweden.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

TJX breach suspect jailed in Turkey over bank hacks

TJX breach suspect jailed in Turkey over bank hacks

09 January 2009  |  6537 views  |  0 comments
TJX settles with MasterCard over security breach

TJX settles with MasterCard over security breach

03 April 2008  |  7727 views  |  0 comments
TJX settles with banks over credit card data breach

TJX settles with banks over credit card data breach

19 December 2007  |  9363 views  |  0 comments
TJX settles with Visa

TJX settles with Visa

30 November 2007  |  5793 views  |  0 comments
TJX breach gets bigger with 94 million card numbers exposed

TJX breach gets bigger with 94 million card numbers exposed

25 October 2007  |  9938 views  |  0 comments
TJX card fraud gang leader jailed

TJX card fraud gang leader jailed

18 September 2007  |  7964 views  |  0 comments
Ukrainian man linked to TJX hacking

Ukrainian man linked to TJX hacking

22 August 2007  |  6575 views  |  0 comments
New England banks to sue TJX over data breach

New England banks to sue TJX over data breach

25 April 2007  |  5701 views  |  0 comments
TJX hack is biggest ever with 45.7 million card numbers stolen

TJX hack is biggest ever with 45.7 million card numbers stolen

29 March 2007  |  14659 views  |  1 comments
TJX data breach widens; may include UK and Ireland customer data

TJX data breach widens; may include UK and Ireland customer data

22 February 2007  |  6166 views  |  0 comments
Massachusetts attorney general to probe TJX data breach

Massachusetts attorney general to probe TJX data breach

09 February 2007  |  9070 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
Visit http://info.nice.comVisit https://www.capgemini.comVisit www.vasco.com

Top topics

Most viewed Most shared
Ripple makes new connections to emerging marketsRipple makes new connections to emerging m...
11789 views comments | 16 tweets | 10 linkedin
hands typing furiouslySome Interesting Applications Of The Inter...
10325 views 3 | 9 tweets | 1 linkedin
Basel Committee outlines disruptive fintech scenariosBasel Committee outlines disruptive fintec...
8566 views comments | 15 tweets | 26 linkedin
Investment Association sets up fintech accelerator for asset managersInvestment Association sets up fintech acc...
8088 views comments | 19 tweets | 10 linkedin
R3 creates Legal Centre of Excellence for blockchain technolgyR3 creates Legal Centre of Excellence for...
7772 views comments | 10 tweets | 14 linkedin

Featured job

Competitive base + commission + benefits
New York City, NY - USA

Find your next job