Credit card heist hits 45 million users

By on
Credit card heist hits 45 million users

UK customers of TK Maxx told to check credit and debit card statements.

A security breach on the computer systems at is now thought to have led to the theft of 45.7 million credit and debit card records. 

The data theft took place over an 18-month period, beginning in July 2005.

"We have been able to specifically identify that a portion of the data believed stolen included account information for approximately 45.7 million separate payment cards," said an official statement from, the American parent of TK Maxx. 

TJX said that 75 per cent of the cards were expired at the time of the theft, or the stolen information did not include the security code data from the magnetic strip on the payment card.

However, that still leaves 11.42 million stolen financial records that are currently active. TJX has warned UK customers to check their credit card statements.

"Today's full declaration by TJX is a graphic example of how a breach in information security can impact a business and its customers," said Greg Day, security analyst at McAfee. 

"The announcement is just the tip of the iceberg, however, as organisations across the globe continue to evaluate and look to implement security policy to protect against external and internal threat."

Jamie Cowper, data security expert at PGP Corporation, added: "This is a frightening illustration that when retailer's systems are hacked, even if it occurs on the other side of the world, the card details of customers in every country are at risk because of the way companies share and store information globally." 

Cowper explained that the upcoming Payment Card Industry Data Security Standard (PDF) in June 2007 would force retailers such as TJX to safeguard customer card information or face losing its credit card facilities altogether.

"Security technologies such as encryption can greatly simplify the process of protecting information," said Cowper.

"But the recent spate of data breaches suggests that many companies are still a long way off being compliant with this and other data protection standards."

Mike Smart, European product manager at Secure Computing, added: "We find that 80 per cent of confidential data is typically undetectable by 90 per cent of firewalls and as a result sensitive data can leak from the organisation without their knowledge. 

"With the rise of real-time unencrypted communications, such as instant messaging and web mail, hacking into a corporate network and extracting data unnoticed is easy."
Copyright ©v3.co.uk
Tags:
45 card credit heist hits million security users

Most Read Articles

SA Dept Premier and Cabinet sacks CIO

SA Dept Premier and Cabinet sacks CIO
NBN Co finally reveals satellite users who will lose ADSL

NBN Co finally reveals satellite users who will lose ADSL
CBA set to cut 170 IT workers

CBA set to cut 170 IT workers
Optus fibre cable cut in Melbourne

Optus fibre cable cut in Melbourne
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

The 5G Business Potential – Industry digitalisation and the untapped opportunities for operators
The 5G Business Potential – Industry digitalisation and the untapped opportunities for operators
Solving IT complexity
Solving IT complexity
Optimising Enterprise Data Centres for the Cloud
Optimising Enterprise Data Centres for the Cloud
Growing companies have a growing interest in technology
Growing companies have a growing interest in technology
RSA NetWitness® Endpoint. Respond 3X Faster to Threats
RSA NetWitness® Endpoint. Respond 3X Faster to Threats

Events

Log In

Username:
Password:
|  Forgot your password?