Wireless Technology behind Highest Customer Data Breach
Following the major data breach at TJ Maxx's parent company, Canadian investigators are blaming the big retailer for not installing sufficient security safeguards and possessing excessive customer information.
Another finding of the joint investigation made by 2 Canadian privacy commissioners revealed that the possible access hacking of the TJX network by a hacker was via the wireless local area networks at 2 company stores in the US. This followed after months of intense speculation regarding beak-in point.
Previous theories proved correct about the intruders initially accessing TJX systems using inadequately protected wireless local-area networks to steal data that comprised over 45 Million debit card and credit card numbers. The intrusion happened in two Miami Marshalls stores.
Canada's Privacy Commissioner, Jennifer Stoddart, said that the company have gathered too much of personal information and kept it long enough. It had relied on incompetent encryption technologies to protect the information, endangering the privacy matters of its millions of customers, as reported by InformationWeek on 26 September 2007. She revealed that the criminal groups had actively targeted the credit card figures as well as other personal data. A record of the millions of credit card information is the potential gold mine for the hackers and it is required to be safeguarded with strong security measures.
The hackers pilfered the information from RTS (Retail Transaction Switch) servers meant for the purpose of processing and storing information of customer transactions at TJX stores. The breach involved data including driving license numbers and information for personal identification that are associated with payment-cards and merchandise return transactions that did not have any receipt.
TJX is yet to ascertain the full extent of the damage in terms of the exact content of most of the files created and downloaded by the fraudsters. The deletion technology that they used has made it difficult to do so.
An announcement was made this year by TJX reporting the theft of more than 45 Million debit card and credit card numbers from their IT systems in a period of 18 months. It is believed to be the biggest breach of the customer information ever recorded.
Related article: Wireless Network Cards, Tool of Choice for Hackers
» SPAMfighter News - 12-10-2007