TJX settles with MasterCard for US$24 million

Powered by SC Magazine
 

Discount retailer TJX, parent of T.J. Maxx and Marshalls, has agreed to a US$24 million settlement with MasterCard over a security breach that left tens of millions of credit card accounts at risk to identity theft.

The company said the pre-tax payout will go to banks that issue MasterCard credit cards and were impacted by the breach for things such as reissuing cards and fraud compensation. TJX said the settlement is covered by the more than $200 million it previously budgeted for the breach.

TJX said issuers with at least 90 percent of the eligible accounts must agree to the settlement by May 2 for it to take effect. Issuers must have previously filed claims and agree to the recovery program's terms to be eligible for compensation funded by the agreement, according to MasterCard.

Under the terms of the agreement, MasterCard card issuers who meet certain restrictions will be eligible to receive financial restitution in the second quarter of 2008, according to MasterCard. Card issuers also must agree to release MasterCard and TJX from “all legal and financial liability associated with the TJX data breach,” the bank card company said in a release.

"Beyond the millions of dollars we have spent to add significant security to our computer system, we are installing security measures which exceed those of many other retailers and current industry requirements," Carol Meyrowitz, president and chief executive officer of TJX, said in a prepared statement.

She added that the company looks "forward to a high level of issuer acceptance" of the settlement.

The TJX breach affected about 94 million accounts, according to court filings. TJX has admitted that the breach exposed 45.7 million credit card numbers to hackers.

In November, TJX agreed to pay Visa a $40.9 million settlement that will fund reimbursement to banks that issue Visa cards and were affected by the breach. Those banks agreed not to sue TJX as part of the settlement.

TJX also last week agreed to a settlement with the Federal Trade Commission over the breach. In that settlement, TJX agreed create a comprehensive security program and undergo a third-party audit of its security program every two years for the next 20 years.

See original article on scmagazineus.com

Copyright © SC Magazine, US edition


 
 
 
Top Stories
Matching databases to Linux distros
Reviewed: OS-repository DBMSs, MariaDB vs MySQL.
 
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Who'd have picked a BlackBerry for the Internet of Things?
[Blog] BlackBerry has a more secure future in the physical world.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  70%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  12%
 
Denial of service attacks
  6%
 
Insider threats
  10%
TOTAL VOTES: 709

Vote