Friday, March 30th, 2007...11:37 am...by: Anthony

TJ Maxx Latest News

Jump to Comments

Today, I read a very interesting article by Evan Schuman of eWeek regarding the TJ Maxx data theft. The title of it made me pause: “The Nightmare Scenario: What if TJX Did Everything Right?”. I admit, I had thought of that previously but dismissed it since TJX was being rather tight-lipped about the incident. To me, that silence meant they must have been negligent in some way. And, since my wife’s data was stolen in the TJX database hack, that sealed my opinion. However, as I said, the title of that article caused me to reflect, what IF TJ Maxx did everything right?


Get Equifax Credit WatchIt appears that TJX WAS encrypting data and it appears that the thieves got around that encryption by stealing a copy of the software encryption key AND by stealing the data just before it was encrypted. That should make ANY retailer perk up and take note.

This information in itself still does not mean that TJX did everything right; it just means that there may be more to the story. MasterCard did confirm that TJX had violated the PCI rules, but maybe the majority of the problem was because the thieves were really good at their job as opposed to TJX being really bad.

We still do not know exactly HOW the thieves got access to the encryption software, if it was an inside job or if they found it during their intrusion. But, maybe we will get more information in the coming days and weeks. Anyone with an e-commerce website or retail store should pay particular attention to this case because there are sure to be some valuable lessons learned.

As for me, I suppose I should reserve final judgment until the dust settles. I am still not shopping there, although I bet they are about the most careful retailer out there when it comes to sensitive data.

Share and Enjoy:
  • Digg
  • del.icio.us
  • Google
  • Facebook
  • SphereIt
  • Reddit
  • Technorati
  • LinkedIn
  • Netvouz
  • description
  • ThisNext
  • MisterWong
  • Wists
  • BlogMemes
  • Furl
  • NewsVine
  • Slashdot
  • Spurl
  1. TJ Maxx Data Thief Irving Escobar Sentenced Irving Escobar, one of the main parties responsible for the...
  2. TJ Maxx Database Hack Putting New Englanders in Danger The TJ Maxx database hack carried out against Framingham, Massachusetts...
  3. Hackers Break Into T.J. Maxx Database T.J. Maxx has reported the they have been hacked. "I...
  4. TJ Maxx Might Be Getting Off Easy Evan Schuman reports on his blog that a few days...
  5. TJ Maxx Not Really Helping Consumers That's my opinion after reading the details of the proposed...

If you like what you read, please consider subscribing to our blog by RSS or by e-mail.
It would really help us out.



Here are a Few Related Posts

  1. TJ Maxx Data Thief Irving Escobar Sentenced Irving Escobar, one of the main parties responsible for the...
  2. TJ Maxx Database Hack Putting New Englanders in Danger The TJ Maxx database hack carried out against Framingham, Massachusetts...
  3. Hackers Break Into T.J. Maxx Database T.J. Maxx has reported the they have been hacked. "I...
  4. TJ Maxx Might Be Getting Off Easy Evan Schuman reports on his blog that a few days...
  5. TJ Maxx Not Really Helping Consumers That's my opinion after reading the details of the proposed...

No Comments

Filed under Are You Kiddin' Me?, General, Security

Leave a Reply