Elephants don't dance

TJX is no Johnson & Johnson. And right now Ben Cammarata is looking like no James Burke.

A quarter of a century after the bold decision by Burke, then chairman of Johnson & Johnson, to pull 31 million bottles of Tylenol capsules off the shelves remains the gold standard in corporate crisis-management. Seven people died from Tylenol laced with cyanide, and the Madison Avenue crowd was saying one of the world's best brands would never recover.

Burke succeeded by putting the customer first. Going against the advice of government agents and his own executives, Burke ordered a massive recall, which cost the company $50 million after taxes. Rather than hunkering down, Burke went on "60 Minutes" to explain what happened and dedicated the firm to the investigation. When Tylenol returned to the stores, it was in new triple-sealed packages and J&J gave away 80 million $2.50 coupons redeemable toward any Tylenol product.

The result: Tylenol regained more than 80 percent of its market share within a year. You'll find it in my medicine cabinet today.

The crisis that has engulfed TJX is not about life and death. But it is about consumer trust. This is retailing we're talking about, the most Darwinian of businesses, where only the strongest survive. If I can't trust the Marshalls brand, why not go to Target?

Millions of credit and debit cards may have been exposed by a security breach at Framingham-based TJX in what could become the nation's largest case of stolen consumer data. In the first line of its first public disclosure about the breach, TJX said it was "victimized by computer systems intrusion." Wrong. It is TJX's customers who were victimized by the criminals and TJX itself.

There is plenty of blame to go around. It is not news that identify theft and credit card fraud are problems, but government -- federal and state -- has been slow to act. The credit card companies and the banks have been noisy in pointing the finger at TJX -- no small irony from an industry that stuffs our mailboxes every day with yet another low-low credit offer.

But this particular problem belongs first to TJX. It was TJX that left a window open and let the bad guys sneak in and make off with its customers' credit data. What about it, Ben Cammarata? Did you wait a month to tell your customers because the cops asked you to or because you were in the middle of the Christmas selling season? Why are you still "considering" whether to offer free credit monitoring to customers? Why have customers who had their license numbers stolen not gotten so much as a letter from you?

Debra Gibbons of Needham, a long-time TJX shopper, wants to know. She got a call from her credit card company saying her account was on fraud alert. Said Gibbons: "To close the account or not to close the account, that was the question. I closed the account . . . TJX owes the public something more than lip service. We want answers and we want them now."

Cammarata is a world-class retailer who preaches the value of "sweaty palms" -- that is, always sweating the suppliers until the last minute for the best prices. But as a leader amid one of the company's worst crises, he has been invisible. If TJX were a different kind of company and Cammarata a different kind of leader, company and chairman could become the champion for the need to do something about identify theft and credit card theft. But then elephants don't break dance, either.

Now it is TJX's customers doing the sweating. Repeat after me, Chairman Cammarata: The victim is the customer, not the company. The victim is the customer, not the company. If TJX takes care of its customers, the customers will take care of TJX. If not, there is always Target.

Steve Bailey is a Globe columnist. He can be reached at bailey@globe.com or at 617-929-2902.