After an autistic girl and her service dog were wrongly kicked out of a discount clothing store owned by TJ Maxx, the district manager profusely apologized and gave them a $25 gift card to pick out anything she liked. When she returned and tried to use the gift card, store staff kicked her out for having a service dog again. Looks like someone didn’t get the memo.
A few months back, we wrote about a couple in Illinois who tried to combine cheap with hilarious by getting married at a Taco Bell. For better or for worse, it looks like that happy couple is not alone, with an increasing number of people walking down the aisles of retail stores and restaurants.
Albert Gonzalez, a 28-year-old from Miami who was arrested last year and charged with leading “a worldwide ring that stole more than 40 million credit and debit card numbers from major retail chains,” plead guilty today as part of a plea bargain. He faces up to 25 years in prison.
Christopher Soghoian over at Cnet is reporting that Turkish police may have used violence to get the encryption keys of one of primary ringleaders in the TJ Maxx credit card theft investigation. The suspect, Maksym Yastremskiy, is apparently a “major figure in the international sale of stolen credit card information.”
We’ve received queries from readers telling us that their Citibank cards have been replaced, and asking whether we’ve heard about any new security breach. Other than Forever 21 we haven’t, so we’re wondering whether they’re responsible for the stories below.
The world’s greatest bank thief is in custody. For ripping off over 45.7 million consumer’s credit cards from TJ Maxx, and other retailers, authorities pressed charges on Miami mastermind Albert Gonzalez and 11 others. The stolen numbers were sold to other scammers who manufactured fake debit cards and drained their victims’ accounts. The breach stemmed mainly from TJ Maxx stores using an unsecured wireless router.
This is Round 17 in our Worst Company in America contest, Wal-Mart vs TJMaxx.
Everyone has their own special reason for hating Wal-Mart. Forcing manufacturers to make shoddier versions of their products is pretty bad. Selling sandals that gave patrons feet chemical burns was pretty bad too. What’s yours?
TJMaxx’s lax wireless security lead to the theft millions upon millions of customer’s debit and credit card numbers being stolen, the greatest bank robbery in the history of the freakin’ world.
TJX will be paying as much as 40.9 million in a settlement with Visa and the bank that processes their credit card payments , says the Associated Press.
The funds will be used to help U.S. credit card issuers such as banks recover costs related to the breach, which may have exposed more than 100 million cards to potential fraud, TJX said.
Last Sunday’s 60 minutes had a report by Lesley Stahl about the now-infamous TJX data breach.
The recently reported TJ Maxx security breach—where data on 94 million credit card accounts was stolen in 2003, 2004, and 2006—has ended up costing the company $200 million and counting. But although it’s the biggest example so far of retail data theft, TJ Maxx isn’t the only retailer doing a poor job of keeping sensitive data protected from hackers. One wireless security vendor recently surveyed thousands of stores and discovered that a significant number of retailers don’t practice good wireless security:
According to new court papers, Visa and Mastercard are saying that the TJ Maxx security breach actually affected 94 million accounts—more than double the amount that TJ Maxx reported.
Mouseprint.org has read the fine print and they say you’re probably out of luck when it comes to the TJ Maxx Settlement:
So, it is primarily shoppers who returned goods without a receipt during the relevant period who qualify for that part of the settlement. That amounts to some 455,000 people, a mere 1% of the total number possibly affected. These people have already received a direct notification of the breach from TJX, and will also be entitled to other compensation if they experienced actual losses.
The announcement did not specify the settlement cost, but noted that its estimated costs were included in a $107 million reserve included in its second-quarter report for fiscal 2008 and its estimate of $21 million in costs expected in fiscal 2009. The $107 million figure includes costs from other lawsuits not included in the customer class actions, the Framingham-based company said.
The Wall Street Journal is reporting that the most likely scenario for how the hackers stole an estimated 200 million card numbers is as simple as a person with a laptop breaking into the wifi network of a store:
The biggest known theft of credit-card numbers in history began two summers ago outside a Marshalls discount clothing store near St. Paul, Minn.
As of Dec 4th, 2006, it’s illegal for a retailer to print more than five digits of your credit card on your receipt. Retailers who persisted are getting hit in a recent whirlwind of class-action lawsuits.
TJMaxx computer system intruders who stole 45.7 million credit cards siphoned off customer data using a program they implanted on the company’s servers, recent regulatory filings reveal.
45.7 million credit cards were stolen in recently disclosed security breaches at TJMaxx, regulatory filings revealed yesterday.