Comments for TJX To Pay Up To 40.9 Million For Data Breach

TJX To Pay Up To 40.9 Million For Data Breach

2007-12-01T00:59:22Z

TJX will be paying as much as 40.9 million in a settlement with Visa and the bank that processes their credit card payments , says the Associated Press.

The funds will be used to help U.S. credit card issuers such as banks recover costs related to the breach, which may have exposed more than 100 million cards to potential fraud, TJX said.

The breach is believed to be the largest ever, based on the number of customer records involved.

Issuers of at least 80% of eligible cards must accept the offer by Dec. 19 for the settlement to take effect, said Framingham, Mass.-based TJX, owner of about 2,500 stores including T.J. Maxx and Marshalls.

Perhaps TJX will set an example of how important (to the bottom line) protecting your customer's information really is.

Cross your fingers.

TJX will pay up to $40.9M for data breach [USAToday]

Comment from EmmaC on 2007-12-01

2007-12-01T08:50:00Z

I know someone who got a letter about the data breach with TJX. She hasn't heard anything since. It's like they forgot about the consumers in this data breach.

Comment from bohemian on 2007-12-01

2007-12-01T06:08:57Z

I want compensation. I wasted a bunch of my time tracking down what accounts had the old card associated with them and changing payments. I also had a bunch of accounts go unpaid without me knowing until they were already late because me card number was shut down. Oh and the humiliation of having my card decline at Target when I had plenty of money in my account.

I have been trying to find out how to get on the consumer class action. I found a website of a lawfirm that supposedly was handling it but they won't answer email.

Comment from azntg on 2007-12-01

2007-12-01T05:12:05Z

You can see the jaded business mentality on both Visa (towards TJX) and TJX (towards consumers): Profit at any possible situation.

Comment from KernelM on 2007-12-01

2007-12-01T05:02:16Z

@davebg5: Wow, there's bad math and then there's six orders of magnitude bad math.

Comment from SilverHammer on 2007-11-30

2007-12-01T03:53:13Z

I'm pretty uninformed when it comes to legal matters, but my card was compromised as a result of the breach and I'm not sure how to benefit from the class action suit. Is any action necessary? Can I even get in on it at this point?

Comment from amoeba on 2007-11-30

2007-12-01T03:37:34Z

This is just my opinion within the subject...I've been reading and hearing the same story over and over, about TJX will pay to the victims of ID Theft. So far we are a month before 2008 and nothing done. Still hearing that they will send; to the people affected, a 25% off coupon or a TJMAXX Store Event. I think they don't even have the 40.9 million dollars to cover the damage.

Comment from Beerad on 2007-11-30

2007-12-01T02:08:56Z

@davebg5: Um, $40,000,000 divided by 100,000,000 = 40 cents per card. Sorry.

And it's not the cost of operational changes. It's the cost of every issuing bank replacing and/or fixing customer cards and accoutns.

Comment from ElizabethD on 2007-11-30

2007-12-01T01:59:46Z

I hope this doesn't make prices go up at TJMaxx and Marshall's! 8-O

Comment from davebg5 on 2007-11-30

2007-12-01T01:52:58Z

@Beerad: $40 million divided by 100 million cards = $400k per card.

Since the breach was on the retailer's side of things, it's not as if Visa had any operational changes to make. Their costs are pretty much tied to notifications, investigations of alleged misuse and reissuing new cards.

I find it hard to believe that it ran Visa $400k to do this for each card/customer.

Comment from Beerad on 2007-11-30

2007-12-01T01:40:15Z

@Beerad: Just for clarity, my card replacement was not related to T.J. Maxx in any way. Citibank actually refused to disclose any information about the "potential breach", which was irritating because I was wildly curious (never had any fraudulent charges or other issues on my account) but I can understand their position.

Comment from Beerad on 2007-11-30

2007-12-01T01:37:45Z

@ekthesy: Different settlement. Customers may end up getting hosed in their related settlement, as per [consumerist.com], but it's a different piece.

But how much were individuals with stolen credit card numbers actually damaged? Citibank sent me a letter one day with a new card saying that my old one "might" have been compromised, and they were switching my account to a new number. Sure it was a minor pain swapping all of my auto-payments to a new card, but it wasn't exactly something that required monetary compensation.

Comment from Beerad on 2007-11-30

2007-12-01T01:32:31Z

But we can't really tell how much money Visa and the issuing banks are "making" off of the settlement. If up to 100 million cards were exposed, that's a whole lot of expense for the companies to go through to issue new cards, notify all affected customers, track down suspected fraud cases, etc. I strongly doubt that the upshot of all of this is any profit for the affected companies.

Comment from ekthesy on 2007-11-30

2007-12-01T01:27:02Z

$41MM for the banks and nothing for the individuals whose data was compromised?

Comment from hn333 on 2007-11-30

2007-12-01T01:17:45Z

Love how Visa is making money off credit card fraud.

Comment from davebg5 on 2007-11-30

2007-12-01T01:15:56Z

I recently read an article about these data breaches (I wish I could remember where I read it) and it pretty much said that the credit card companies don't force retailers to increase their data security b/c all of the fines that they get to impose when there is a breach are yet another source of money making fees for the banks.

I'd say $40.9 million is a nice haul for Visa.

Comment from SaveMeJeebus on 2007-11-30

2007-12-01T01:14:31Z

I wonder if TJX is going to pay the card issuers in coupons and after-hours sales. They are as good as cash, you know.