TJX, based in Framingham, Massachusetts said last week in a statement that the extent of the breach was unknown, but hackers may have been stealing private information for up to three years before their actions were detected last month.
The breach affects credit card, debit card, check and merchandise return transaction information for customers of T.J. Maxx, Marshalls, Homegoods and A.J. Wright stores in the US and Puerto Rico and Winners and HomeSense stores in Canada.
The incident also may affect customers of Bob’s Stores in the US and T.K. Maxx in the United Kingdom and Ireland.
Daniel J. Forte, MBA president and CEO, said Wednesday in a statement that the reports of fraudulent purchases could lead to phishing attacks.
"[Criminals] may want to confirm your personal information, anything that could be matched with what they already have and then, upon getting it, steal your identity with the ability to open new accounts, apply for credit and more," he said.
Nearly 60 banks have told the MBA that they’ve been contacted by credit card companies about compromised cards. That number is likely to grow higher, according to the MBA.
Ben Cammarata, TJX chairman and acting CEO, said last week in a statement that the company has alerted law enforcement officials and information security experts and an investigation is underway. He also advised customers to take measures to safeguard their personal information.
Click here to email Online Editor Frank Washkuch Jr.