Congratulations to TJX for entering the history books, by being the victim of the largest reported data theft in history.
Person or persons unknown have hacked into the TJX database, and stolen data from at least 45.7 million credit and debit cards of shoppers at off-price retailers including T.J. Maxx and Marshalls.
However, the problems for TJX don't end there. Rather foolishly, although they reported the theft 2 months ago, they only reported the number stolen card details last week.
That mistake and the possible security lapses may well cost them dear, as various orangisations are mooting taking legal action against them.
IT experts have been quoted in the Media as saying that the information disclosed to date, indicates that there were security weaknesses viz; failure to promptly delete data on customer transactions, and to guard secrets about how such data is protected through encryption.
Deepak Taneja, chief executive of Aveksa, said:
"It's not clear when information was deleted, it's not clear who had access to what, and it's not clear whether the data kept in all these files was encrypted, so it's very hard to know how big this was."
Card companies and banks around the world are having to reissue cards to customers, as a precaution against fraud.
Information from 45.7 million cards was stolen from transactions beginning in January 2003 and ending November 23 of that year.
TJX faces an investigation by the Federal Trade Commission, which could fine the company, and lawsuits accusing the firm of failing to safeguard private data.
TJX is the parent company of the T.J. Maxx, Marshalls, HomeGoods and A.J. Wright stores in the US, Winners and HomeSense in Canada and T.K. Maxx in Britain.