Search
Privacy experts: T.J. Maxx breach was foreseeable: The breach of sensitive personal information held by TJX, operator of discount chains including T.J. Maxx and Marshalls, earlier this year was foreseeable, but the company failed to put in place adequate security safeguards, according to a report.
"The company collected too much personal information, kept it too long, and relied on weak encryption technology to protect it, putting the privacy of millions of its customers at risk," Jennifer Stoddart, the privacy commissioner of Canada, wrote in the report, which was released Tuesday.
Modern crime made a large-scale breach of this kind inevitable, Stoddart concluded. "Criminal groups actively target credit card numbers and other personal information," she said in the report. "A database of millions of credit card numbers is a potential goldmine for fraudsters, and it needs to be protected with solid security measures."
What made such a breach more likely was that the information had been kept for a long time, she said. "The TJX breach is a dramatic example of how keeping large amounts of sensitive information, particularly information that is not required for business purposes, for a long time can be a serious liability."
Stoddart said the affair was a "wake-up call" for all retailers.
(Read Original Article - Via Privacy : Tech news from CNET .)
Delicious
Digg
Reddit
Google
Yahoo
Technorati