TJX Data Shows Up In Massive Credit Card Fraud At Florida Wal-Mart Stores
$8 million in fraudulent purchases uncovered and traced back to T.J. Maxx parent company's data breach.
Data stolen from TJX, the parent of T.J. Maxx and other retailers, has surfaced in Florida, where thieves used it to steal $8 million in merchandise from Wal-Mart stores. The thieves created fake credit cards that they used to buy Wal-Mart and Sam's Club gift cards, and then used those to buy goods in stores in 50 Florida counties, according to the Florida Department of Law Enforcement.
The ring was uncovered after Wal-Mart employees became suspicious of shoppers using multiple gift cards--many of them worth $400--to pay for purchases. Gift cards of $500 or more require customers to show ID. "They knew enough to go through the area of least resistance," says Dominick Pape, the special agent in charge of the case. Law enforcement tracked suspects from transaction records and video footage, arresting six and issuing warrants for four.
The intrusion that started the chain of events likely took place in July 2005. Documents sent by Visa to credit card issuers indicate TJX was storing credit and debit card data in violation of the security standard developed by Visa and MasterCard.
Arkansas Carpenters Pension Fund, which owns 4,500 TJX shares, last week sued TJX to get records showing how it handled computer problems that exposed customer data.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.