business news updates
updated
Monday, 9:58 AM
From the Boston Globe Business Team

TJX: credit-card data may have been stolen

Email| Text size +
January 17, 2007 04:48 PM

TJX Cos. said today it discovered the theft of credit-card and debit card information from its systems, a breach that could affect a broad swath of customers of TJ Maxx, Marshalls and other stores.

The Framingham retailer, which has 2,500 outlets, said it doesn't know how much data was compromised by the break-in, though one banking official said potentially millions of cardholders could be affected.

Data breaches are becoming an increasing threat to consumers and payments systems that handle millions of transactions per day. TJX's case is unusual in that many cases tracked by privacy advocates involve data that was inadvertently lost or left unshielded. In contrast, TJX said it had discovered in the middle of December that it "suffered an unauthorized intrusion'' into the parts of its computer system that process and store details of customer purchases.

TJX said the intrusion involved the portion of its network that handles credit card, debit card, check, and merchandise return functions.

Visa has notifed at least eight banks in Massachusetts about the breach, said Bruce Spitzer, a spokesman for the Massachusetts Bankers Association, and the number could go higher as the group finishes a survey of its 205 member banks.

Visa, in a statement, said the company is working with TJX and law enforcement, and that it is reviewing all transactions to help banks that issued its cards to distinguish fraudulent transactions from legitimate ones.

TJX said the breach affects a network that stored credit and debit transactions during 2003 as well as for the period from mid-May through December 2006. TJX also said that it has identified a limited number of credit card and debit card holders whose information was removed from the systems. Some customers' drivers' license numbers were also removed.

The company said it waited until today to reveal the problem at the request of law enforcement working on the case.

TJX has established a hotline, 1-866-484-6978, for customers who have questions.

(By Ross Kerber, Globe staff)

 BANKRATE.COM: ID theft checklist
 BANKRATE.COM: How to fix it
 MESSAGE BOARD: Your theft story
 POPUP: Information from TJX

Col3