Maxxed Out: TJX Companies and the Largest-Ever Consumer Data Breach

Author(s)

Russell Walker

In November 2005 Fidelity Homestead, a savings bank in Louisiana, began noticing suspicious charges from Mexico and southern California on its customers’ credit cards. More than a year later, an audit revealed peculiarities in the credit card data in the computer systems of TJX Companies, the parent company of more than 2,600 discount fashion and home accessories retail stores in the United States, Canada, and Europe.

The U.S. Secret Service, the U.S. Justice Department, and the Royal Canadian Mounted Police found that hackers had penetrated TJX’s systems in mid-2005, accessing information that dated as far back as 2003. TJX had violated industry security standards by failing to update its in-store wireless networks and by storing credit card numbers and expiration dates without adequate encryption. When TJX announced the intrusion in January 2007, it admitted that hackers had compromised nearly 46 million debit and credit card numbers, the largest-ever data breach in the United States.

Date Published: 10/02/2013

Discipline: Organizational Behavior

Key Concepts: Information Technology, Information Management, Risk Management, Decision Making, Technology Management, Internet, Payments, Credit Cards, Cyber Risk

Citations: Walker, Russell. Maxxed Out: TJX Companies and the Largest-Ever Consumer Data Breach. 5-313-507 (KEL764).

Preview or Buy Print

Academic Expertise

Publications and blogs

Additional resources

The Experience

Academic Expertise

Degree Programs

Executive Education

News

Publications and blogs

Academics + Research

Admissions

Additional resources

Maxxed Out: TJX Companies and the Largest-Ever Consumer Data Breach

Maxxed Out: TJX Companies and the Largest-Ever Consumer Data Breach

Get to know more about our programs and community.