TJX Card Breach Worse than Previously Thought
FRAMINGHAM, Mass. -- TJX, the parent company for the Marshalls and T.J. Maxx retail chains, among others, has suffered more extensive security breaches than was first thought, the company has announced.
In a press release issued on Feb. 21, the company said it originally thought the intrusion into its customer data files took place between May 2006 and January 2007, but has since learned its computer system also was hacked into in July 2005 and other periods during that year.
Credit and debit card data from transactions at its U.S. and Puerto Rico stores and credit card-only transactions at Canadian stores from January 2003 through June 2004 were stolen, the company reported.
The company also reported that some driver's license numbers, together with related names and addresses associated with merchandise returns at its stores for the last four months of May 2003, as well as for May and June 2004 have been stolen.
TJX said it would notify those customers it can identify whose driver's license numbers, names and addresses were taken.
Additionally, T.J. Maxx customers in Britain and Ireland may also have been compromised, the company said.
Names and addresses were not included with the stolen credit and debit card data. TJX did not disclose the number of accounts affected, and said its investigation is ongoing.