Rhode Island AG investigating security breach
PROVIDENCE, R.I. - Rhode Island Attorney General Patrick Lynch is alleging that by allowing a security breach on its computer network, TJX Companies violated the Deceptive Trade Practices Act.
Lynch filed a Civil Investigation Demand Monday in Providence County Superior Court against TJX, the parent company of stores such as T.J. Maxx, Marshalls, Bob's Stores and Home Goods. He says that the company has put consumers at risk for fraud and identity theft.
On Jan. 17, TJX disclosed that a hacker stole credit and debit card numbers and driver's license numbers from its computer system. Lynch is claiming that the company was negligent in its security measures.
TJX said it discovered the breach in December.
"By delaying a public announcement, with the help of top security experts, we were able to contain the problem and further strengthen our computer network to prevent further intrusion," Chairman Ben Cammarata said in a letter in The Boston Globe and the Boston Herald. "Therefore, we believe we were working in the best interests of our customers."
Lynch apparently disagrees.
"TJX owes its customers respect, not neglect," Lynch said. "By being negligent in its security procedures and by failing to employ immediate and aggressive methods to notify their many customers of the distinct possibility that their identities had been -- or were at risk of being -- stolen, TJX has displayed disregard for its customers."
TJX has set up customer help lines for any affected consumers. A report on wmur.com said that Merrimack County Savings Bank has found more than 2,000 compromised cards, but no fraudulent purchases have been made with any of them.