
Billing for Data Breach at TJX

The TJX data breach saga continues. This has become a classic case study in how not to handle a data breach. There was the late disclosure of the breach, the rush to consultants to create a security strategy to prevent breaches after the fact, the slow leak of information that the breach was worse than originally reported, and shareholder lawsuits. Pouring salt in the wound, TJX kept more personal data than needed, in violation of industry rules.

In "Credit Union Bills TJX $590k for Breach Costs," ComputerWorld reports on HarborOne Credit Union in Brockton, Mass., which is billing TJX for recovery costs and damage:

Blake [President and CEO of HarborOne] said that because of the breach at TJX, HarborOne had to block and reissue about 9,000 debit cards at a cost of around $90,000. The remaining $500,000 on the bill is what he thinks the breach has cost the credit union in terms of damage to its reputation.

“We had to notify customers of the fact that their account was breached,” Blake said. “There were some questions on their part [about] whether or not we were responsible [for the breach], when in fact it was TJX’s responsibility.”

Blake doesn't sound too confident about recovering costs and damages without yet another lawsuit; as he and just about everyone else has noticed: “They have run from the problem from the very beginning.”


Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net