Tuesday, August 21, 2007

TJX Data Breach Costs Could Exceed $150 Million

Yes, you read the figure correctly, that's $150 million, with one analyst going so far as to suggest that the final costs to TJX could approach $1 billion.

To refresh your memory, TJX, the parent company of T.J. Maxx, Marshalls, and other retailers, acknowledged last March 2007, that 45.7 million customer credit and debit card numbers were stolen from one of its systems over a period of more than 18 months.

After the story broke last winter, TJX said that the data breach involved the portion of its computer network that handles credit card, debit card, check, and merchandise return transactions for customers of its T.J. Maxx, Marshalls, HomeGoods, and A.J. Wright stores in the United States and Puerto Rico. Also involved were its Winners and HomeSense stores in Canada.

So what does this have to do with you, the small business ecommerce retailer?

It has plenty to do with you. Notice that the theft was going on for more than 18 months before anyone noticed it. During that 18 months, the stolen credit/debit card information was sold to fraudsters who used it to make fraudulent purchases on the internet.

According to the TJX Companies SEC filings dated 03/28/2007, the breach was first discovered on December 18, 2006.

It was not until January 17, 2007, that they publicly announced the "Computer Intrusion".

Add that month to the 18 months that the thieves went unnoticed. During all those months the thieves are having a shopping spree on the internet with the stolen credit cards.

Each purchase the crooks made using the stolen credit cards resulted in chargebacks for the merchants who accepted the cards!

In addition to the chargebacks, the merchants also lost the merchandise that was "purchased" by the cybershoplifters. Very, very rarely is merchandise stolen in this manner ever recovered. To rub salt in the wound, the merchants are also slapped with a nice little chargeback fee.

Ecommerce Merchants - Protect Your Business with Knowledge

Cybercrime is not going away anytime soon. As unpleasant as it may seem, you have to learn all you can about it so that you can protect your business. Don't think that your ecommerce store is immune. If you do business on the internet, your business is a target.

Begin your study by watching the following video clip. It's a real eye opener and will give you a heads up on one of the ways the criminals operate.

Subscribe to this blog if you want more information about what you can do to protect your online business. We'll be discussing this subject plus all aspects of managing an ecommerce website in future posts.

No comments: