The security breach affected more than $45 million credit and debit card holders in 41 states, beginning in July of 2005, but was not discovered until December 2006.
Last year, TJ Maxx offered $24 million to customers who believed their credit and debit cards were compromised and implemented a “customer appreciation” 15 percent discount day last January during TJ Maxx’s legal proceedings.
The settlement clears TJ Maxx of any wrongdoing, and TJ Maxx and its affiliates have now committed to leading investment in innovative cybersecurity technologies. TJ Maxx must make sure its computer systems meet all data security standards in the 41 affected states.
After the settlement announcement, TJ Maxx said, “The decision to enter into this settlement reflects TJX’s desire to concentrate on its core business without distraction and to promote cybersecurity measures that will benefit all consumers.”
The credit card breech was apart of an international ring of cyber criminals that also attacked other U.S. and international companies. TJ Maxx aided federal law enforcement agents in cracking down on the international operation, with 11 indictments so far. Two cyber criminals have already plead guilty.
TJX runs 882 of its namesake stores, 811 Marshalls, 322 HomeGoods and 141 A.J. Wright stores in the United States. It has 203 Winners, 75 HomeSense and 3 Stylesense stores in Canada and 242 T.K. Maxx and eight HomeSense stores in Europe.