Tj Max Store Security Breach

TJ Max Store Security Breach TJX Inc. is the parent company of retail stores such as TJ Maxx, HomeGoods and Marshalls, which are “off price” department stores that sell family apparel, home décor, beauty and accessories. Founded in Framingham, Massachusetts in 1976, TJX currently boasts more than 3,300 stores in the United States, Canada and Europe (TJ Maxx). In 2014, TJX Inc. had net sales of $29 million (TJX Annual Report). In January 2007, TJX Companies Inc. released a statement to the press that an estimated 40 million of their customer’s credit card accounts had been compromised (although final reports state that over 94 million accounts were affected) (Berg 2008). Through the company’s POS (Point of Sales) system, credit card information was stolen by a ring of hackers and approximately $4.5 billion spent on these cards (Berg 2008). What the hackers did was intercepted the credit card information from customers who swiped their cards at the store and then created their own physical cards using this information. Then they sold the credit cards to people, who turned around and used these cards at retail stores, like Walmart (Agrawal 2011). Three areas of weakness within the company’s IT systems that allowed for an attack of this scale were: inadequate wireless security, improper storage of customer data and failure to encrypt customer account data (Berg 2008). The entire system of TJX was hacked into due to one unsecured wireless network at a TJMax store in Florida.