In 2005, TJX suffered a credit card breach that was one of the largest breaches in history. In this video, Mike Chapple explains the details surrounding the TJX breach.
(dramatic music) - [Mike] In January 2007, the TJX companies announced that they had been the victim of what we now know was one of the largest heists of customer information in history. While TJX might not be a household name themselves, they are the parent company of many popular retail stores, including the TJ Maxx, Marshalls, and HomeGoods brands that have stores throughout the United States and Canada, supplemented by a global footprint.
Millions of customers shop in these stores every year. As with many similar breaches, the initial details were sketchy. TJX simply disclosed that they had been the victim of a data breach a month earlier and that they did not yet know the number of consumers affected by the breach. Sources from the banking industry confirmed that the breach did include credit card data and that banks around the country were reissuing credit cards at a rate that indicated the breach was quite large.
Over the next few months, details of the true impact of the breach trickled out, as internal sources leaked details. TJX filed reports with regulators reporting that the breach had affected 45.6 million credit card numbers, making it the largest breach in history, as of that date. But even that wasn't the final number. Later that year, banks affected by the breach filed a lawsuit against TJX, alleging that the breach affected about 94 million credit card accounts.
While this breach has since been surpassed on the historical record list by larger breaches at Target, Equifax, Heartland Payment Systems, and other sources, the TJX breach is uniquely positioned as one of the first massive breaches of credit card information. It marked a turning point in the history of cybersecurity that we can all draw important lessons from today.
Author
Updated
6/10/2019Released
10/8/2018Skill Level Intermediate
Duration
Views
Related Courses
-
Insights from a Cybersecurity Professional
with Mike Chapple32m 15s Intermediate -
IT Security: Key Policies and Resources
with Gregory Michaelidis23m 44s Intermediate
-
Introduction
-
The 2017 Equifax Breach
-
The Equifax breach2m 41s
-
Inside the Equifax breach3m 22s
-
Lesson 2: Move quickly!2m 36s
-
-
The 2013 Target Breach
-
The Target breach2m 43s
-
Inside the Target breach4m 55s
-
Lesson 1: Vendor management4m 21s
-
Lesson 3: Log monitoring5m 6s
-
-
The 2006 VA Laptop Theft
-
Inside the VA breach5m 42s
-
Lesson 3: Security policy4m 42s
-
Aftermath of the VA breach2m 45s
-
The 2018 Atlanta Ransomware Breach
-
The 2005 TJX Breach
-
The TJX breach2m 8s
-
Inside the TJX breach4m 3s
-
Aftermath of the TJX breach2m 27s
-
-
The 2013 Bowman Dam Breach
-
The Bowman Dam breach3m 12s
-
Inside the Bowman Dam breach5m 51s
-
-
The State-Sponsored University Breach
-
Lesson 3: Social engineering6m 19s
-
The Maersk Breach
-
The Maersk breach2m 43s
-
Inside the Maersk breach3m 37s
-
Lesson 3: Test backups4m 8s
-
After the Maersk breach2m 38s
-
-
The Sony Breach
-
The Sony breach3m 24s
-
Inside the Sony breach2m 42s
-
Lesson 1: Defense in depth2m 11s
-
Lesson 2: Offense is risky2m 23s
-
Lesson 3: Authentication2m 13s
-
After the Sony breach3m 24s
-
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.
CancelTake notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: The TJX breach