More than a decade ago, in 2007, the TJX data breach happened. It was one of the biggest debit and credit card data breaches at that time.
What happened? Read on to know more.
TJX Data Breach
The breach happened in mid-2005 with the hackers undetected for 18 long months. They did the attack at two Marshalls stores in Miami.
This is due to wireless LANs with poor protection. So, the attackers got into their payments systems. Then stole a total of 80 GB of credit and debit card data.
After a while, TJX said that the total number of victims came to a total of 45.6 million. All from different countries.
But that is not what some banks say. A group of banks claimed that around 94 million cards got exposed.
So, what lessons can we learn from the breach that happened way back?
TJX Data Breach: Key Takeaways
Breaches do not Always Affect Revenue or Stock Prices
The data breach of TJX was one of the most written-about breaches. But in their case, they proved that a data breach does not always shake a company.
Even after the breach, their revenue or stock prices did not plunge. Before the breach, their worth in the stock market was $30.
But after the breach, they only went down by one dollar. Also, after 48 weeks, they even saw a 4% rise in sales versus the past year.
So, we can conclude that their customers were not that concerned with the breach. One of the reasons might be because they do not have to pay for any fraud that will result from that.
Breaches Cost a Lot
Yes, TJX’s stocks did not plunge. But one thing is for sure. Breaches do cost a lot. And that is true even for them.
After 12 months since the breach, TJX spent about $250 for:
- fixing security flaws
- dealing with a lot of claims
- lawsuits and fines they faced
One sample of how they dealt with it is they:
- offered free credit-monitoring services for those who got their driver’s license exposed
- gave cash reimbursements
- gave vouchers
- rolled out a three-day customer appreciation event with offers of up to 15% off on all goods
Thus, making them spend a lot more. Versus if they only took care of those unprotected LANs. All the money they could have spent elsewhere got used up due to a breach.
It is Hard to Catch the Bad Guys
As with any other breaches, it is very hard to catch the bad guys hiding behind their screens. And that is what happened to TJX.
They hired forensics experts and there were law enforcement authorities. Then some people got arrested. Those who are said to have used the stolen credit cards.
But the masterminds were still at large and out of reach. They might be laughing hard after the breach.
So, it is a lot better to spend money to keep breaches from happening. Versus spending even a lot more after it happens.
There will be more factors to think about. And there will be more victims.