From: security curmudgeon (jerichoattrition.org)
Date: Tue Jun 23 2009 - 14:39:06 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.bostonherald.com/business/general/view.bg?articleid=1180719&srvc=rss

TJX to pay states $9.75M in data breach settlement
By Donna Goodison
Tuesday, June 23, 2009

TJX Cos. Inc. will pay $9.75 million to 41 states for failing to protect
customers financial information from a massive computer breach announced
in 2007 that exposed millions of customers personal and credit card data
to hackers.

Under the multistate settlement filed in Suffolk Superior Court today, the
operator of the T.J. Maxx, Marshalls, HomeGoods and A.J. Wright chains
agreed to ensure that its safeguarding consumers data and addressing
security system deficiencies that were in place when the breach occurred
to the extent that it already hasnt done so.

Framingham-based TJX also must report regularly to the attorneys general
about how its data security program is working after it has a third party
assess its systems.

In a statement today, TJX said it firmly believes that it did not violate
any consumer protection or data security laws, and that its computer
security was good as or better than most other major U.S. retailers at the
time of the breach in 2005 and 2006.

[..]
_______________________________________________
Dataloss Mailing List (datalossdatalossdb.org)

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]