T.J.Max - Data Loss - Should Companies Be Liable?
- 10
- Add a Comment
I’m sure by now that most of us have read the story about T.J.Max and the loss of some 45 million credit card and debit cards numbers that were apparently stolen following a break into their systems. But what seems even more incredible about the incident is that the break dates back to July of 2005. The company still doesn’t have a clue whether the break in was ongoing and just random breaks ins to their systems. Though they did discover that in December 2006 that suspicious software was hidden on their systems.
OK. So let us look at this situation. Several things come to my mind concerning the break in:
- T.J.Max has a IT department being run by Miss Childers 3rd grade class for incorrigible youth.
- T.J.Max doesn’t have a IT department.
- T.J.Max doesn’t have a clue about anything except that stuff was stolen.
- T.J.Max should not be allowed to use computers and each employees should be issued a Etch-a-Sketch.
- All of the above.
What is disturbing to me is that it will be the average person who will end up suffering. Someone who went to T.J.Max to buy a pair of socks and used their credit card to charge the purchase. This poor soul will now be punished by having his/her card used to charge up thousands of dollars worth of merchandise and then gets to fight with the credit card companies after his credit is screwed up. I have read where it takes some people years to get their report cleared for something they did not do.
So is it fair for T.J.Max to get off with a wrist slap? Shouldn’t they have to pay everyone who’s credit card was stolen for the pain and suffering they have incurred? How about having to clear everyone’s record who’s card was stolen and pay off any charges the thieves have charged?
What is your take on this? Should companies be held more liable for losing our identities and letting our credit cards be used by cyber criminals?
Comments welcome.
PS I am going to venture a guess that as the investigation proceeds we will learn that someone on the inside of T.J.Max may have been a accomplice to the theft. 
[tags]data, loss, tjmax, criminals, credit, cards, [/tags]
10 Comments
Tim Hodkinson
April 3rd, 2007
at 7:12am
I think the whole system needs to be changed so that vendors don’t need to retain cardholders’ information. Leaving a copy of your credit card everywhere you buy something is the problem.
Until that happens I think vendors should be held responsible for the cardholder information they keep. But I guess it’s not so easy to connect a fraudulent transaction on someone’s card with any particular vendor they may have made a purchase with in the past. It’s hard to say where the information was stolen from.
I’m sure there’s a lot of good ideas already available to make the system more secure. Photos on cards, customer generated pin numbers, time sensitive pin numbers (only good for one month or week), 3rd party storage of cardholder info, death penalty for credit card fraud…
Ron Schenone
April 3rd, 2007
at 8:13am
Hi Tim,
“death penalty for credit card fraud”
What do we do with all of the bodies? LOL
Kay Clark
April 5th, 2007
at 1:54am
Yes, anyone who does business with the public and uses their credit information for “anything” should be held responsible. Here’s why I say that.
June of last year the USPS, for whatever reason, rerouted my all mail. I’ve lived at the same address since 2001 and I didn’t turn in any change of address. The first thing I had thought had happened when I wasn’t getting my mail was that someone had stolen my identity. It took until August of last year to get it straightened out. There was no apology on the part of the USPS–Imagine that. Then in December (same year), I received a letter from the company who oversees my retirement account. “All” my information, everything about my financial, personal, I mean everything, went missing. Here’s a quote from the notice I received (along with a brochure titled, Reduce your risk of Identity Theft). Here’s the quote, “After the visits, I discovered the portfolio and client information were missing, and have been unable to locate them.” And of course their apologies for “any inconvenience this incident may cause me.” No further explanations if the information is still missing or has been located.
You betcha, anyone who handles any your information should be held accountable for its security.
Ron Schenone
April 5th, 2007
at 4:45am
Hi Kay,
Thank you for sharing your experience with us. And I agree with you that our data and those who have access to it, should make it a accountability issue and they should be held responsible.
Regards, Ron
DAVE
April 6th, 2007
at 11:12am
NOT ONLY WERE CREDIT CARD DATAS & NUMBERS STOLEN, BUT I HAVE BEEN NOTIFIED NOW THAT MY DRIVERS LICENCE INFORMATION HAS ALSO BEEN STOLEN. HERE’S THE KICKER…..MY DRIVERS LIC. WAS A HAWAIIAN DRIVERS LIC. & UNTIL RECENTLY THE STATE OF HAWAII USED YOUR SOCIAL SECURITY # FOR YOU DRIVERS LIC. #. TJMAX. MARSHALLS, HOMEGOODS ALONG WITH OTHERS INCLUDING ROSS STORES, REQUIRE YOU TO HAVE YOUR DRIVERS LIC. SWIPED AND STORED IN THEIR COMPUTERS IN ORDER TO RETURN AN ITEM THAT YOU DO NOT HAVE A RECIEPT FOR. THEY KEEP TRACK ON HOW MANY TIMES YOU RETURN ITEMS WITHOUT A RECIEPT. LOOKS LIKE SOMEONE OUTTA KEEP TRACK OF THEM!I WAS SO GENEROUSLY OFFERED A 90 DAY FREE WATCH ON MY CREDIT SCORE…..I CALLED AND AT LEAST, FOR THE MOMENT GOT A FREE YEAR OF THIS SERVICE. TJX’S LETTER STATED EVERYTHING THAT I HAD YO DO, BUT TOLD OF NOTHING THAT THEY WERE DOING. THIS SOUNDS LIKE A CLASS ACTION SUIT……
Ron Schenone
April 6th, 2007
at 11:55am
Hi Dave,
Thanks for posting your comments.
Regards, Ron
Edwin
April 8th, 2007
at 9:01am
tj max are slackasses but the real crooks are elsewhere …
the crooks are the finance industry and the dumbass form of political constitutional government in the us which is totally unresponsive to citizens and entirely responsive to the finance industry
the finance industry has fought tooth and nail against any restricitve regulation by the time honored expediency of bribing politicians … you didn’t think the politicians cared a rats ass about what happened to you,what you think, or want, did you ?
the finance industry has laws in place by their tools, the scum of the earth, the politicians, to make life easy for them, and profitable, very, very profitable
drmike
April 8th, 2007
at 9:18am
Another “excuse” that could be made is that the IT department was aware of the issue but those in power (ie Pointy Haired Bosses of PHBs) wouldn’t allow them the ability to fix the issue or spend the money needed to fix the problem. I see it a lot in companies where IT knows that it has an issue but have their hands tied by upstairs and are unable to resolve the problem.
Ron Schenone
April 8th, 2007
at 10:39am
Hi Erwind and drmike,
Thanks to you both for your comments.
Regards, Ron
Chris
April 9th, 2007
at 9:35am
Hello. Just found this site by searching on Google for TJ Maxx and the credit issue. Thought I would share my story of how my bank cut off my debit/credit card in the middle of the day without telling me about it. I had to call in and find out what was wrong and that took a half hour before the bank figured out why they shut down my card number. It will take 10 to 14 business days till I get it back.
I have recently started up a new blog and I put up a video on Youtube using my cell phone camera asking the manager of the local TJ Maxx what they were going to do. I also made some follow up calls to Netflix, who has put my account on hold, TJ Maxx special number and my bank.
Here is a link to a page with more information:
http://intheory.tv/?p=42