ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Security threats Toolkit

Privacy experts: TJX breach was 'foreseeable'

Colin Barker ZDNet.co.uk

Published: 26 Sep 2007 14:12 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

The risk of a breach of sensitive personal information held by retail giant TJX earlier this year was foreseeable, but the company failed to put in place adequate security safeguards, an investigation by privacy authorities in Canada has concluded.

The report, released on Tuesday, reached some damning conclusions.

"The company collected too much personal information, kept it too long and relied on weak encryption technology to protect it — putting the privacy of millions of its customers at risk," said the privacy commissioner of Canada, Jennifer Stoddart, in the report.

Modern crime made a large-scale breach of this kind inevitable, Stoddart concluded. "Criminal groups actively target credit card numbers and other personal information," she said in the report. "A database of millions of credit card numbers is a potential goldmine for fraudsters and it needs to be protected with solid security measures."

What made such a breach more likely was that the information had been kept for a long time, she concluded. "The TJX breach is a dramatic example of how keeping large amounts of sensitive information, particularly information that is not required for business purposes, for a long time can be a serious liability."

Sentry Posts Blog

Sentry Posts Blog
Guarding the network

What you need to know — and what you and your peers have to tell us — about security management in our new community group blog

Read more +

Stoddart said the affair was a "wake-up call" for all retailers.

Frank Work, the information and privacy commissioner of Alberta, added: "They must collect only the personal information necessary for a transaction."

TJX disclosed in January that its computer system had been breached, putting millions of credit and debit card numbers as well as other personal information at risk. In May, TJX said it believed the hackers gained access to its information via the Wi-Fi networks.

Details of 45 million customers of the TJX group, which includes TK Maxx in the UK and other stores in Ireland, the US and Canada, had been put at risk.

TJX could offer no comment at the time of writing.

  • Email
  • Trackback
  • Clip Link
  • Print friendly Print with Dell

Did you find this article useful?
6 out of 6 people found this useful


Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats



Company/Topic Alerts

Create a new alert from the list below:






Related Jobs

Credit Risk IT - Business Analyst - Tier 1 Banking **

Huxley Associates are currently looking for several junior, intermediate, and senior Risk Business Analysts to join a Tier 1 Banking client to work ...

Credit Risk Manager required for Investment Bank, London

Do you have the ambition to work as a Credit Risk Manager? Our client seeks a credit risk manager to join a team covering the European Gas and ...

Credit Risk Analyst Role ( London )

Major Energy franchise seeks experienced credit risk analyst to join their risk control team based in Central London. The role offers great exposure ...

Featured Talkback

What was achieved there is recognised to be of fundamental importance to both winning the war (Churchill visited to say 'thank you' to them) and the development of the computer. Maybe Bill Gates doesn't want to support this museum because it underlines where electronic computing started i.e. here, not the U.S.

By: 1000103773

Read full story:
Bletchley Park faces bleak future

Sentry Posts Blog

Mobile Security Expert: Your Camera Ph...

Mobile Security Expert: Your Camera Phone Got Hacked Author: Eric Everson, Founder MyMobiSafe.com Have you ever heard someone say “I’d like to be a fly on the wall in that room.”?... More

Post a comment

Skype - The Roach Motel

Here is an interesting article from The National Business Review, pointing out once again that you can never delete a Skype account. Never. Period. This is something I am familiar... More

Post a comment

The vPhone: Why Visa Should Go Mobile

The vPhone: Why Visa Should Go Mobile Author: Eric Everson, Founder MyMobiSafe.com With all of the success of Apple’s iPhone, there is a growing case to support a company like Visa... More

Post a comment

Featured Oracle Resources

businessfirst: Ideas to help small companies retain their successful entrepreneurial spirit

Oracle ONE Magazine: Technology solutions for midsized businesses February 2008 edition

Choosing a Reliable and Powerful IT Infrastructure at a Price You Can Afford

Database Consolidation: Reducing Cost and Complexity

Ensuring Data Protection for Growing Business

Oracle for medium and emerging businesses: protect, strengthen and enhance your organisation

Oracle partner network solutions catalogue

See All White Papers