Chris Mosby at myITforum.com

Thoughts on the TJX Data Theft

Thursday March 29, 2007 at 11:37 am CST
Posted by Allysa Myers

Trackback

More information on the subject of the TJX data theft has come to light as they have filed their annual report to the SEC. The gist is that between July 2005 and January 2007, the debit and credit card numbers from customers of a number of stores were taken by hackers who have yet to be caught. (Though people who have apparently purchased stolen credit card numbers are starting to be caught.)

Specifically, the stores in question are TJ Maxx, TK Maxx, Marshalls, Home Goods, HomeSense, AJ Wright stores, Bob’s Stores, and Winners. If you think you might have purchased or returned something to these stores in that time span, it’s a good idea to contact your bank and one of the three major credit-reporting agencies. This site has good information about what you’ll need to do.

There are also some financial institutions that have already done this for their customers, to help protect them from the sort of frauds which are already going on as a result of this. In some cases, they’ve even gone so far as to identify customers who have gone to those stores in that time span and issued the customers a new card. If that’s the case, you will have received notification from your bank explaining what has happened, and potentially a new card.

This highlights the importance of having adequate security measures in place. It is not enough to simply have up-to-date AV software, and to make sure you’re up to date on OS and application security patches. Even home users, at this point, should also have a firewall that is configured to shut off any port you’re not specifically using. This goes double for companies that might actively be targeted by hackers.  This will prevent the successful infiltration and exfiltration of the sort of targeted Trojan attacks that have become more and more popular lately.

Companies need to take extra precautions due to the extra value of data within their networks and the sheer number of people who are within it who could accidentally or intentionally compromise the network’s security. It’s important to assess your network and determine what your biggest risks are so you can minimize those risks where possible and protect the things that are most important in your organization. In the TJX incident, use of data leakage protection solutions could have been very helpful in keeping this data from being stolen. Intrusion prevention systems could also have helped prevent targeted malware from being able to perform its functions.

We’re living in a very different world now, in terms of hackers and malware. It isn’t enough to do the bare minimum and expect that you’ll probably be okay. There can be very severe consequences, especially financially, when you are careless with your own or your customer’s data. You can be confident that if you have valuable information, there will be someone trying to get into your system to find it. Perhaps they already have done so.

Source: Computer Security Research - McAfee Avert Labs Blog