Massive credit card heist at TJX
If you store the data, thieves will come.
At least 45.7 million credit and debit card numbers were stolen by hackers who broke into the computer systems at the TJX Cos. in Framingham and the United Kingdom and siphoned off data over a period of several years, making it the biggest breach of personal data ever reported, according to security specialists.
TJX, the Framingham discounter that operates the T.J. Maxx and Marshalls clothing chains, also reported in a regulatory filing yesterday that another 455,000 customers who returned merchandise without receipts had their personal data stolen, including drivers’ license numbers. ‘‘It’s the biggest card heist ever,’’ said Avivah Litan, vice president of Gartner Inc. ‘‘This was obviously done over a long period of time, in many locations. It’s done considerable damage.’’
Full story at boston.com.
I’ve got a bit more to say about credit card security, but for now I’ll leave it with this: Every two to three years, you should clear out your old credit cards. Get new numbers from your bank. It’s a hassle, but if you use a credit card regularly, there’s a great chance it’s stored in old databases all over. I’m not sure how that works for driver’s licenses, or how you’d go about getting a new one.
We might ask, what the hell was TJX doing asking for driver’s license numbers in the first place? Oh right, it was some clever store policy, collecting extra data to deter fraud, in this case when a customer returned an item.
That’ll really show those thieves.