TJX Data Theft Proving Expensive for Discount Retailer
TJX, the owner of a number of off-price retail brands, including T.J. Maxx, Marshalls and A.J Wright stores, disclosed a data breach in 2007, where 45.6 million credit and debit card numbers were stolen from one of its systems over a period of more than 18 months by an unknown number of intruders. As a result of the computer intrusion, the retailer has spent more than $195 million in 'learning how to protect online payment systems from hackers,' according to the company's third-quarter 2009 regulatory filing:
- TJX suffered an unauthorized intrusion or intrusions (collectively, the "Computer Intrusion") into portions of its computer system, which was discovered during the fourth quarter of the fiscal year ended January 27, 2007 ("fiscal 2007") and in which TJX believes customer data were stolen. Since the discovery of the Computer Intrusion through the end of the fiscal 2009 third quarter, TJX had cumulatively expensed $195 million with respect to the Computer Intrusion....