June 21, 2008
Privacy & Security Watch: TJX Fires Employee for Disclosing Security Problems
As readers of this newletter know, TJX, the parent company of T.J. Maxx, Marshalls, and Home Goods stores, had a serious security breach over a long period of time. (See http://www.TheKuperReport.com/2007/03/stolen-data-from-tjx-tj-maxx-marshalls.html
and subsequent articles on this subject). Well, it seems they still haven't learned from their mistakes. According to this article, a young employee in a Lawrence, KS T.J. Maxx store tried, but failed to convince management that running their server in administrator mode and giving everyone id's with blank passwords was a very bad and insecure thing to do. So he anonymously posted about this lack of security to an online forum. TJX found out it was him and they fired him. No word on whether they address this serious security breach.
Richard L. Kuper
The Kuper Report
http://TheKuperReport.com
* [Please post your job openings here] *
R.L. Kuper, Inc. - Management Consulting
and subsequent articles on this subject). Well, it seems they still haven't learned from their mistakes. According to this article, a young employee in a Lawrence, KS T.J. Maxx store tried, but failed to convince management that running their server in administrator mode and giving everyone id's with blank passwords was a very bad and insecure thing to do. So he anonymously posted about this lack of security to an online forum. TJX found out it was him and they fired him. No word on whether they address this serious security breach.
Richard L. Kuper
The Kuper Report
http://TheKuperReport.com
Labels: breach, companies, corporations, data, data security, government, home goods, homegoods, intrusion, kuper report, marshalls, richard kuper, security, tj tjx, tjmaxx, x
FindJobsPostJobs.com | CareerHotList.com |
March 22, 2007
Privacy and Security Watch: Stolen Data from TJX (T.J. Maxx, Marshalls and HomeGoods stores) since 2003 Used in $8M Scheme Before Breach Discovery
According to recent reports in eWeek (links below), massive amounts of data, dating back to 2003, were stolen from TJX (T.J. Maxx, Marshalls and HomeGoods stores) over an extended period of time, starting in 2005. The breach, or intrusion as TJX prefers to call it, was not discovered until December 2006.
This is just the latest story in the ongoing issue of data security. Companies need to get their acts together and ensure that they are protecting the personal and private data of their customers. It may be time for the government to step in and create financial incentives for companies to do this. Of course, the Federal government and many state and local governments are guilty of not protecting the personal and private data of its citizens either, so they would also have to fine themselves (not likely). So this problem will continue to be a major problem until the public starts making its voice heard and making this a priority for government and corporations to take more seriously.
Here are the links to the TJX story:
Stolen TJX Data Used in $8M Scheme Before Breach Discovery
TJX: Data Theft Began in 2005; Data Taken from 2003
Richard Kuper
The Kuper Report
http://TheKuperReport.com
* [Please post your job openings here] *
R.L. Kuper, Inc. - Management Consulting
This is just the latest story in the ongoing issue of data security. Companies need to get their acts together and ensure that they are protecting the personal and private data of their customers. It may be time for the government to step in and create financial incentives for companies to do this. Of course, the Federal government and many state and local governments are guilty of not protecting the personal and private data of its citizens either, so they would also have to fine themselves (not likely). So this problem will continue to be a major problem until the public starts making its voice heard and making this a priority for government and corporations to take more seriously.
Here are the links to the TJX story:
Stolen TJX Data Used in $8M Scheme Before Breach Discovery
TJX: Data Theft Began in 2005; Data Taken from 2003
Richard Kuper
The Kuper Report
http://TheKuperReport.com
Labels: breach, companies, corporations, data, data security, government, home goods, homegoods, intrusion, kuper report, marshalls, richard kuper, security, tj maxx, tjmaxx, tjx
FindJobsPostJobs.com | CareerHotList.com |
Who links to me?