Business & Finance
01:12 PM
Connect Directly

Banks Hit T.J. Maxx Owner With Class-Action Lawsuit

The Massachusetts Bankers Association is being joined by at least two other groups in a lawsuit that is seeking "tens of millions of dollars."

The security breach that hit TJX Companies Inc. is still causing trouble for the U.S. retailer.

Less than a month after TJX disclosed in a Securities and Exchange Commission filing that more than 45 million credit and debit card numbers may have been stolen from its IT systems over an 18-month period, the company is being hit with a class-action law suit seeking "tens of millions of dollars." The Massachusetts Bankers Association, which represents 207 financial institutions, announced that it is filing the suit in federal court in Boston.

The MBA also said in a release that the Connecticut Bankers Association, the Maine Association of Community Banks, and individual banks are joining as co-plaintiffs. Together, the three associations represent nearly 300 banks. Other banks can still join the suit.

TJX is the parent company of T.J. Maxx, Marshall's, HomeGoods, and other retailers. The security breach, which was announced in January, is the largest customer data breach on record.

A statement from the MBA noted that as a result of the TJX breach, there have been "dramatic costs" to financial institutions in their effort to protect cardholders.

"The MBA made a decision to file a class action suit because we believe we are in the best position to achieve success for our members and customers," said Daniel J. Forte, president and CEO of the MBA, in a written release. "With the possible exception of the banks from California that could also decide to join us, our New England institutions have had the most exposure to this massive data breach. We believe TJX has more stores in our region than anywhere else other than California and, of course, it is headquartered here in Massachusetts."

According to the MBA, banks throughout New England continue to receive lists of "hot" cards that have been exposed in the TJX data breach -- more than three months after TJX first disclosed that there had been a problem.

"Protecting consumers is our number one priority," said Lindsey Pinkham, senior VP of the Connecticut Bankers Association, in a written statement. "However, retail data breaches are getting larger and more frequent and we cannot continue to absorb the costs."

TJX discovered the break-in on Dec. 18, and it most likely dates back to July 2005. Thieves working online may have stolen card data from TJX's Framingham, Mass., computer system during the approval process, in which payment data is transmitted to card issuers without being encrypted.

Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 23, 2014
Intrigued by the concept of a converged infrastructure but worry you lack the expertise to DIY? Dell, HP, IBM, VMware, and other vendors want to help.
Flash Poll
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.