I find stuff like this all the time...and I am not even looking for it most of the time. Identity Theft is becoming pandemic, and you will probably read this article, and think to yourself...well, I don't shop at TJ Maxx, so see how safe I am?

Where do you shop? And are you SURE that they are keeping your private information safe?

Where do you surf? And are you sure that you are safe wherever you go online?

Hack Attack Means Headaches For TJ Maxx

Parent company TJX may have violated Visa security rules by storing credit-card data

By Larry Greenemeier

Feb 3, 2007 12:05 AM (From the February 5, 2007 issue)

Fallout from a hacker attack on the IT systems of TJX, whose properties include T.J. Maxx, Marshalls, and HomeGoods retail stores, intensified last week, as credit card fraud related to the incident was reported in several states and outside the United States, and as lawsuits were launched against the company, including a consumer class-action suit.

The attack, which was reported two weeks ago, is taking a financial toll on TJX. The company said last week it will record a fourth-quarter charge of 1 cent per share, or about $4.5 million, related to the hack, including the costs to investigate and contain the intrusion, enhance computer security, and communicate with customers. Things are likely to get worse, as a number of documents sent by Visa to financial institutions that issue cards and manage Visa transactions indicate TJX was storing credit and debit card data in violation of the Payment Card Industry Data Security Standard created by Visa and MasterCard.

Merchants like TJX aren't supposed to store cardholder data because a thief can use that information to create a counterfeit credit or debit card. "I can see storing data for a few hours or a day until transactions clear, but some of the stolen data goes back to 2003," says an executive at a California credit union that issues Visa cards and has been stung by the TJX hack. "That's a long time to be out of compliance."

TJX was storing customer information that's recorded on Track 2 of a Visa card's magnetic stripe, which generally includes the account number, the expiration date, and the card verification value, a three- or four-digit code that's used to verify the card's authenticity. That data is enough for crooks to make fake cards and run up charges. Track 1 is where alphanumeric data, including the cardholder's name and address, is recorded; apparently TJX wasn't storing that data.

Hence, chairman and founder Ben Cammarata's assertion, in a video on the company's Web site, that customer names and personal identification numbers weren't compromised. "It would be unlikely for cyberthieves to commit identity fraud using the information taken," Cammarata said. As a result, TJX has no plans to offer credit monitoring services for its customers. "Credit monitoring does not detect fraudulent charges on your credit and debit accounts," he said.

READ THE REST OF THE ARTICLE HERE

---

Wow. I guess we are all at risk sometimes, regardless of what we do to protect ourselves in ways that we can control. Are you doing at least that? Are you protecting yourself as much as you truly can in ways within your control? Do you have an Identity Theft Insurance Policy just in case?

Did you know that INVISUS Direct INCLUDES a $25,000 ID Theft Policy for every subscriber and his/her spouse? That's just PART of the $15.00 a month you pay for this unparalleled service.