Risk: Informational
TJX, the US parent company of TK Maxx, has had over 45 million of its customers' credit and debit card details stolen.
TJX confirmed that between 31st December 2002 and 23rd November 2003, information had been stolen from 45.6 million cards used in Britain and North America and also stated that it did not know how many details had been stolen for transactions made between 24th November 2003 and 28th June 2004. It is known that customers' card details have been fraudulently used in Britain and TJX said that banks had indicated that they possessed "preliminary evidence of possible fraudulent misuse".
TJX's CEO and President, Carol Meyrowitz, said in an open letter on TJX's website: "With the help of computer security experts, we have strengthened the security of our computer systems and we believe customers should feel safe shopping in our stores."
According to TJX, the security breach happened in July 2005 and continued unnoticed for 18 months. The company discovered the breach in December 2006 but only disclosed its details recently; it's the biggest credit card theft in the world to date.