TJX reaches settlement with states on data theft

Jun 23, 2009

(AP) -- Discount retailer TJX Cos. said Tuesday it has reached a settlement with multiple states related to a massive data theft that occurred at the parent company of retailers T.J. Maxx and Marshall's a few years ago.

The Framingham, Mass.-based company said it will pay $2.5 million to create a data fund for states as well as a settlement amount of $5.5 million and $1.75 million to cover expenses related to the states' investigations. But TJX stressed that it "firmly believes" that it did not violate any consumer protection or data security laws.

"The decision to enter into this settlement reflects TJX's desire to concentrate on its core business without distraction and to promote measures that will benefit all consumers," the company stated.

TJX said the settlement's costs are already accounted for in a 2007 reserve it created.

The breach, which was disclosed in January 2007, exposed tens of millions of payment card numbers to hackers. TJX has said that at least 45.7 million credit and debit cards were exposed to possible fraud in the computer systems breach that began in July 2005. The breach wasn't detected until December 2006.

Under the with a multi-state group of 41 Attorneys General, TJX must also certify that its computer system meets detailed data security requirements specified by the states and must encourage the development of new technologies to address weaknesses in the U.S. payment card system.

TJX runs 882 of its namesake stores, 811 Marshalls, 322 HomeGoods and 141 A.J. Wright stores in the U.S. It has 203 Winners, 75 HomeSense and 3 Stylesense stores in Canada and 242 T.K. Maxx and 8 HomeSense stores in Europe.

The company's stock fell 23 cents to $30.55 in afternoon trading.

©2009 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Explore further: Startups offer banking for smartphone users

add to favorites email to friend print save as pdf

Related Stories

TJX Intruder Had Retailer's Encryption Key

Mar 30, 2007

Not that the culprit necessarily needed it. Data was apparently taken during the card-approval process before it was encrypted. These are among the latest details in what is almost certainly the worst retail data breach ever. ...

Why Encryption Didn't Save TJX

Mar 31, 2007

TJX: It's the target of the largest known customer record theft of all time, and it's a case in point that encryption is not a silver bullet.

TD Ameritrade data theft settlement gets court OK

May 11, 2009

(AP) -- More than 6 million current and former customers of online brokerage TD Ameritrade Holding Corp. will be able to benefit from the settlement of a class-action lawsuit filed over the theft of client contact information.

Monster settles SEC backdating charges for $2.5M

May 18, 2009

(AP) -- Monster Worldwide Inc., which runs the Monster job search Web site, has agreed to pay $2.5 million to settle federal civil charges that it secretly backdated options for its executives and employees.

Recommended for you

Startups offer banking for smartphone users

23 hours ago

The latest banks are small enough to fit in the palm of your hand. Startups, such as Moven and Simple, offer banking that's designed specifically for smartphones, enabling users to track their spending on the go. Some things ...

Ecuador heralds digital currency plans (Update)

Aug 29, 2014

Ecuador is planning to create what it calls the world's first digital currency issued by a central bank, which some analysts believe could be a first step toward abandoning the country's existing currency, ...

'SwaziLeaks' looks to shake up jet-setting monarchy

Aug 29, 2014

As WikiLeaks founder Julian Assange prepares to end a two-year forced stay at Ecuador's London embassy, he may take comfort in knowing he inspired resistance to secrecy in places as far away as Swaziland.

WEF unveils 'crowdsourcing' push on how to run the Web

Aug 28, 2014

The World Economic Forum unveiled a project on Thursday aimed at connecting governments, businesses, academia, technicians and civil society worldwide to brainstorm the best ways to govern the Internet.

User comments : 0