If you’ve recently shopped at T.J. Maxx with a credit card, check your statements. Hackers took an unwelcome shopping excursion through the credit card information of the retail giant.
T.J. Maxx, Marshalls, HomeGoods and A.J. Wright stores in the U.S. and Puerto Rico, Winners and Home Sense stores in Canada, as well as T.K. Maxx in the U.K. and Ireland were affected, said parent company TJX Companies (Quote). The company said its Bob’s Stores could also be involved.
U.S., Canadian and U.K. law enforcement agencies are still investigating, but the company knows hackers took the credit and debit card information of a “limited number” of customers. The company said a “relatively small number” of customer names and driver’s license numbers were removed from the system.
Hackers accessed the customer information during 2003 and mid-May through December 2006.
Upon discovering the data breach, TJX hired IBM (Quote) and General Dynamics (Quote) to learn what information was lost and how security could be improved. The companies then adopted a new containment plan.
TJX did not provide further details and didn’t immediately return calls.
“We were extremely disappointed when we determined that we have suffered an unauthorized intrusion into our computer systems,” said Ben Cammarata, founder and acting CEO of TJX. The company’s computer systems process and store customer transaction information.
TJX operates more than 2,500 clothing stores in the U.S., Canada and the U.K.