TJX Security breach

927 Words4 Pages
The average consumer never thinks twice about using a credit card, when purchasing at a major chain department store. Most point of sales and credit card terminals, are made by a choice few companies. As a result this means that a hacker only needs to know how to exploit vulnerabilities from a small handful of systems. When a consumer makes a purchase they never wonder “is my transaction safe?” Never do they wonder if the company’s Information Technology department has upgraded all computer systems to the latest revision and updates. As a general rule the average consumer is unaware of what a ram scraper is, or if the company’s security has been breached until it is too late. That’s what happened for over 18 months to TJX Companies starting in July 2005. TJX Companies is one of the largest global apparel and home fashions department store chain. For instance the stores owned by TJX Companies consist of T.J. Maxx, HomeGoods, Marshalls, AJWright, and The Maxx, which are located throughout the United States, Canada, and Europe. The sheer volume of transactions processed thru TJX Companies, made this breach so historic, since over 45.7 million card numbers were siphoned out of TJX Companies network and sold in the underground internet black market (Staff, 2007), usually called “data supermarkets”. In these data supermarkets credit card numbers can sell for as little as cents to as much as $10 to $20 per card number depending on quantity or source. Hackers have a complicated underground network for disseminating out this credit card data as quickly as possible, since the longer it takes for the bad guys to actually use the data the higher the chance the loss of the data would be discovered. Unfortunately the data breach at TJX Com... ... middle of paper ... ... Council, P. S. (2010, 02 5). PCI Security Standards Council. Retrieved 02 05, 2010, from https://www.pcisecuritystandards.org/index.shtml Espiner, T. (2007, May 9). Silicon . Retrieved January 2010, from http://www.silicon.com/technology/security/2007/05/09/wi-fi-thieves-carried-out-tk-maxx-data-heist-39167033/ Fleishman, B. G. (2007, May 5). Marshalls Use of WEP Leads to 200m Stolen Credit Card Numbers. Retrieved March 3, 2010, from http://wifinetnews.com/archives/2007/05/ Smith, E. N. (2009, December 30). End of Road for Hacker in Record Credit Card Theft. Retrieved March 3, 2010, from http://www.creditcardguide.com/creditcards/news/road-hacker-record-credit-card-theft-166/ Staff, S. (2007, 03 07). Search Security : Security News. Retrieved 03 05, 2010, from Search Security: http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1249421,00.html

More about TJX Security breach

Open Document