TJX Intruder Had Retailer's Encryption Key

The massive data breach at $16 billion retailer TJX involved someone apparently armed with the chain's encryption key, but the key might not have been needed, as the cyber-thief was accessing data during the card-approval process, before it was encrypted. These are among the latest details in what is almost certainly the worst retail data breach ever. In a 10-K filing to the federal SEC (Securities & Exchange Commission), TJX said it didn't know who the intruders were, but it did provide more details about what it says happened that led to the card information of some 46 million consumers getting into unauthorized hands.

The intruder or intruders here apparently planted software in TJX systems to capture data throughout the day and they also engaged in an increasingly popular tactic: post-event cleanup. That's where intruders spend extra effort cleaning up their tracks—deleting and otherwise tampering with log files, changing clock settings and moving data to hide their movements.

News source: eWeek

3 Comments

It's a calm, clever, organized heist the hackers were able to carry out; think of it as a non-glamorous Ocean's 11 type group calmly carrying out this hack, and it went on for some years. That's a HUGE thing. They didn't panic or get lazy.

Anything organized is always a danger if it's on the wrong side of the law. I guess the security system providers need to up their ante now.

I would like to mention the snotty and ****ty anti-virus people being interviewed on TV (I saw the Trend PC-cillin guy interviewed on CNN) to explain this is a waste of time. All they say is organizations were using old software and they need to upgrade their antivirus systems regularly... I wish something crushes these people. They should give up trying to say upgrading to the latest systems solves ALL problems and mention this was not a simple hack_a_day_script_kiddie job.

One of the commenters on that site, eWeek, made a good point -- why does it matter if they did or didn't have the encryption key? If they were in their systems for 18 months they hardly needed to break their encryption, or anyways, that was at best a secondary side effect of having pwned the systems in the first place. It just sounds to me like someone is trying to spread FUD about encryption not being a good defense, but it's just part of a good defense.