The TJX 11′s Retailers Oblivious To Repeated Breaches
Written by Evan SchumanAugust 8th, 2008
Some 3 hours and 19 minutes before the U.S. Justice Department announced to the world that it was charging 11 men with having stolen 41 million payment card numbers from TJX and several other national retailers, a group of Secret Service agents started making phone calls.
One of those retailers—Barnes & Noble—issued a vague statement suggesting that the chain might not have been aware of the incident before the Secret Service team started making those 11:30 AM calls.
This Story Is Only Available For Premium Subscribers. Click Or Login In Below To Read The Rest Of This Story.
Already a Subscriber? Login Here
One Comment | Read The TJX 11′s Retailers Oblivious To Repeated Breaches
Leave a Reply
Readers, specifically those who want to comment on a story:
Our Comment SPAM system is getting very aggressive these days and has been blocking legitimate comments. If you post a comment and don't see it appear within 2 hours or so, can you please send a heads-up to customer-service@storefrontbacktalk.com? Ideally, please include the time you posted the comment. That will allow us to try and hunt for it. Thanks! P.S. We're working on fixing the system, but we don't want to lose any valuable comments in the meantime.
Our Comment SPAM system is getting very aggressive these days and has been blocking legitimate comments. If you post a comment and don't see it appear within 2 hours or so, can you please send a heads-up to customer-service@storefrontbacktalk.com? Ideally, please include the time you posted the comment. That will allow us to try and hunt for it. Thanks! P.S. We're working on fixing the system, but we don't want to lose any valuable comments in the meantime.
-Christine
August 18th, 2008 at 12:57 pm
The numbers surrounding the TJX incident are hard to nail down. Nevertheless, the industry needs to think about the numbers in aggregate. I argue that the aggregate fraud suffered from TJX is small compared to the aggregate cost incurred by card issuers to cancel cards. Therefore, I argue, the industry — as a whole industry — over-reacted to TJX. Data breaches will happen; breaches are inevitable. The response to data breaches must change at an industry (systemic) level. The industry needs to reduce the cost of its response so that the cost of the response is closer to the value of the actual risk. I develop more of my argument at http://legal-beagle.typepad.com/wrights_legal_beagle/2008/08/credit-card-iss.html What do you think? –Ben