Fortunately (by luck or design) the security breach at Massachusetts-based TJX Companies Inc in the heart of the December shopping season did not become public knowledge until mid January. It would have given customers both online as well as in-store reason to pause.
The breach of the database allowed computer hackers to steal credit and debit card information from thousands of customers that were being stored in the TJX database. Retailers should be especially concerned about what happened and how it was handled by TJX.
TJX is the owner of T.J. Maxx, Marshalls, HomeGoods and A.J. Wright stores in the United States, as well as chains in Canada and England.
Banking industry experts estimate as many as 20 to 30 percent of people in New England could have had data stolen and banking industry leaders in the region are considering legal action. Big questions on the minds of bankers and law enforcement are why was TJX storing the data to begin with, and are they willing to assume liability and responsibility for the problem they've created?
What customer information are you storing and why? How secure is it and what liability are you willing to assume if the information is compromised? If security is breached at your company are you prepared to quickly communicate publicly about the incident as to help customers minimize the impact of identity theft, and banking losses?
Interesting to reflect now that the 2006 Holiday buying season is in the rear-view mirror. Warning: Objects in Mirror are Closer Than They Appear!