Stolen TJX data has surfaced in two cases in Florida.
While the culprit (or culprits) who stole 45.7 million customer records from TJX remains at large and unknown, law enforcement officials have arrested at least 10 people since the beginning of the year for their roles in using that stolen information to commit fraud.
In July, the U.S. Secret Service announced the arrest of four Floridians: Miguel Alegria, 46, of Hialeah; Raynier Pupo, 22, of Miami; Ariel Montero, 32, of Aventura; and Javier Padron-Bravo, 35, also from Aventura. They're charged with aggravated identity theft, counterfeit credit card trafficking, and conspiracy. The Secret Service was able to trace the origin of the data used by these alleged fraudsters back to the TJX theft, as well as to a separate data breach at Polo Ralph Lauren.
The south Florida arrests resulted in the recovery of about 200,000 stolen credit card account numbers responsible for fraud losses roughly calculated to be more than $75 million. Agents also seized two pickup trucks, $10,000 cash, and a handgun in connection with the case.
Six people arrested in Florida allegedly had bought $8 million worth of Wal-Mart gift cards using stolen TJX data
This was the second high-profile bust related to the TJX breach. In March, the Gainesville Police Department and Florida Department of Law Enforcement caught six people with fake credit cards, created using stolen TJX data, who had bought $8 million worth of gift cards at Wal-Mart and Sam's Club stores in 50 of Florida's 67 counties. Police charged Irving Escobar, 18; Reinier Camaraza Alvarez, 27; Julio Oscar Alberti, 33; Dianelly Hernandez, 19; Nair Zuleima Alvarez, 40; and Zenia Mercedes Llorente, 23, with an organized scheme to defraud, a first-degree felony. Police issued additional warrants at the time, hoping to catch others involved in the fraud ring.
The alleged fraudsters were exposed when Wal-Mart employees became suspicious of certain shoppers who were using multiple gift cards--many of them worth $400--to pay for their purchases. The $400 denomination was significant because gift cards valued at $500 or more require the customer to provide some form of identification.
The arrests were made after police analyzed transaction records and video footage of the alleged perpetrators, who were buying large quantities of computers, gaming devices, and big-screen televisions.
Additional evidence suggests that TJX's exposure to fraud is likely worse than these two high-profile cases indicate. In January, Visa's director of fraud control e-mailed financial institutions that the data theft involved millions of card accounts across all major payment brands accepted by TJX. The e-mail also stated that 77% of the fraudulent transactions using stolen TJX customer information took place in the United States, particularly in California, Florida, Illinois, New York, and Texas.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.