CUNA News Now: A year later: TJX breach implications widespread

News Now LiveWire

Most CUs will provide wage increases for at least some of their employees, according to CUNA's just-released Small CU Staff Salary Survey. 12 hours ago

St. L Post Dispatch on GAO report:Consumers may not benefit from altering Interchange system;would cut card competition. http://ow.ly/ETyX 13 hours ago

CUNA's Hampel: Consumer holiday spending will be up slightly from last year. See Tues NN. 17 hours ago

NCCUL and WOCCU met with Romanian CUs this week. The CUs are experiencing growth and want to increase their public relations efforts. 4 days ago

Kent Buckham has been named by NCUA as director of the newly created Office of Consumer Protection. The 7-person dept. launches in Jan. 4 days ago

Sign up; more tweets...

BOSTON (1/22/08)--It was one year ago last Thursday that the TJX Cos. disclosed the largest credit and debit card data breach in history. The implications of that breach are widespread.

That breach set off a chain of lawsuits from consumers and financial institutions, including credit unions who footed the bill for notifying members and replacing their compromised cards.

It instigated a number of bills in state and federal legislatures to protect consumers' data and make merchants more responsible for the data they handle.

The event, coupled with a significant increase in sophisticated attempts to phish personal information from consumers, also changed the way credit unions and their members deal with security issues. More credit unions are taking precautions by offering credit monitoring identity theft services and security solutions.

The Framingham, Mass.-based retail company, which owns T.J. Maxx and Marshall's, figures the intrusions began in mid-2005 at two Marshall's stores in Miami that had wireless Local Area Networks (LANs).

Eventually at least 45.6 million card numbers were compromised and card companies such as Visa and MasterCard estimate that as many as 94 million cards were exposed.

Computerworld, looking at the one-year anniversary of the breach, said security managers have five take-aways from the incident (Jan. 17):



SEARCH Headlines Washington CU System Market Products & Services Consumer Print Today’s News Photo Gallery Videos Monthly Top 10 Archive Headlines via Email Enter your email address: text or HTML RSS Feed What is RSS? Contact News Now
	News Now LiveWire Most CUs will provide wage increases for at least some of their employees, according to CUNA's just-released Small CU Staff Salary Survey. 12 hours ago St. L Post Dispatch on GAO report:Consumers may not benefit from altering Interchange system;would cut card competition. http://ow.ly/ETyX 13 hours ago CUNA's Hampel: Consumer holiday spending will be up slightly from last year. See Tues NN. 17 hours ago NCCUL and WOCCU met with Romanian CUs this week. The CUs are experiencing growth and want to increase their public relations efforts. 4 days ago Kent Buckham has been named by NCUA as director of the newly created Office of Consumer Protection. The 7-person dept. launches in Jan. 4 days ago Sign up; more tweets... A year later: TJX breach implications widespread BOSTON (1/22/08)--It was one year ago last Thursday that the TJX Cos. disclosed the largest credit and debit card data breach in history. The implications of that breach are widespread. That breach set off a chain of lawsuits from consumers and financial institutions, including credit unions who footed the bill for notifying members and replacing their compromised cards. It instigated a number of bills in state and federal legislatures to protect consumers' data and make merchants more responsible for the data they handle. The event, coupled with a significant increase in sophisticated attempts to phish personal information from consumers, also changed the way credit unions and their members deal with security issues. More credit unions are taking precautions by offering credit monitoring identity theft services and security solutions. The Framingham, Mass.-based retail company, which owns T.J. Maxx and Marshall's, figures the intrusions began in mid-2005 at two Marshall's stores in Miami that had wireless Local Area Networks (LANs). Eventually at least 45.6 million card numbers were compromised and card companies such as Visa and MasterCard estimate that as many as 94 million cards were exposed. Computerworld, looking at the one-year anniversary of the breach, said security managers have five take-aways from the incident (Jan. 17): Breach disclosures don't always affect a company's revenue or stock prices. Customer and investor confidence in TJX was "largely unshaken." When the breach was disclosed its stock was worth about $30 per share. Its closing price on Thursday was just over $29 per share. Its sales for the 48-week ending Jan. 5 increased 4% from the same period a year ago. Breach disclosures are still costly. TJX spent or set aside in the past year about $250 million for costs related to the breach. The Payment Card Industry (PCI) Data Security Standard remains a work in flux. The industry's rules require merchants to implement 12 broad security controls for protecting customer data. However, many companies still aren't in compliance. Court documents indicated TJX wasn't compliant with nine of the controls. The breach exposed card-payment issues that exist between merchants and their financial institutions and credit card companies. Credit unions and smaller banks have lobbied several state legislatures to pass new laws requiring merchants to reimburse them for the costs involved in notifying member/customers and reissuing cards. Retailers are fighting these bills. The perpetrators of the breach are still out there. Only a few people have been arrested for using card numbers stolen during the breach. The hackers are still free and likely will strike again. Resource Links CUNA's ID Theft Resources More CU/System
	Copyright © 2009 - Credit Union National Association, Inc.

More CU/System