Who says CEOs aren't worth their pay? You have to admire their ability to minimize, trivialize and otherwise contain the potential damage. This will undoubtedly be an important case study for Public Relations.
I was hoping that more details would be revealed. Has there been enough time for a complete review of the available evidence, and if so, was it factored into the settlement? Lots and lots of unanswered questions here. NOTE: This is actually on the TJX web site (http://www.tjx.com/tjx_message.html) but with no visible link. (Fortunately, it is trivial to capture the URL.)
http://www.journalgazette.net/apps/pbcs.dll/article?AID=/20070921/APF/709210905&template=apart
TJX says settles customer class action suits in security breach
By Sylvia Lee Wingfield Associated Press
The TJX Companies, Inc., a discount retailer, said Friday [Traditional “no one will notice” day... Bob] it settled customer class action lawsuits in the United States, Canada and Puerto Rico stemming from a massive security breach of customer data that affected at least 45 million credit and debit cards.
The announcement did not specify the settlement cost, but noted that its estimated costs were included in a $107 million reserve included in its second-quarter report for fiscal 2008 and its estimate of $21 million in costs expected in fiscal 2009. The $107 million figure also includes costs from other lawsuits not included in the customer class actions, the Framingham-based company said.
The settlement also includes Cincinnati-based Fifth Third Bancorp, [I couldn't find anything on their site... Bob] which processed some payment card transactions for TJX and was named in some of the customer lawsuits.
TJX said it denied the allegations in the customer lawsuits. It concluded that more legal action would be time-consuming and expensive.
"We deeply regret any inconvenience our customers may have experienced as a result of the criminal attack on our computer system," TJX President and CEO Carol Meyrowitz said in a statement.
TJX said a condition of the settlement is an evaluation of its computer security improvements by an independent security expert chosen by the plaintiffs. [and if they evaluate as “worthless?” Bob] It also is subject to court approval.
"We think it's good for the members of the class and appropriate for the members of the class and we also commend the company on the way they handled it," said Tony Merchant, attorney for the Canadian plaintiffs. "For society, it's appropriate that the company has agreed that they'll allow other views on how their systems work, so it's the act of a responsible company."
TJX said customers who returned merchandise without a receipt and were sent letters notifying them that their driver's license or other identification information may have been compromised will be offered three years of credit monitoring and identity theft insurance coverage. Some of those customers also will be reimbursed for the cost of replacing drivers' licenses. If their drivers' licenses or other ID numbers were the same as their Social Security number, they will also be reimbursed for certain losses from identity theft.
The company said it would offer vouchers to customers who show they shopped TJX stores, except Bob's Stores, in the U.S., Canada or Puerto Rico during the period affected by the breach and incurred certain costs related to the breach.
The company said it will hold a one-time, three-day customer appreciation event reducing prices 15 percent, expected sometime next year. [Oh look! They're using the settlement to advertise a sale! Bob]
... Independent organizations that track data thefts say the TJX case is believed to be the largest in the U.S. based on the number of customer records compromised.
[More: go to: http://www.tjx.com/class_action.html ]
They also changed their FAQ and now admit the security breach dates from July 2005: http://www.tjx.com/tjx_faq.html They still don't admit the data was used, even though Florida has convicted someone who used their data to purchase gift cards at Walmart.
Is this a duplicate? No date in the articles, nothing on the college web site – are they learning from TJX?
http://www.pogowasright.org/article.php?story=20070921164724761
Suspected security breach at CPCC
Friday, September 21 2007 @ 04:47 PM EDT Contributed by: PrivacyNews News Section: Breaches
A possible security breach at Central Piedmont Community College has officials there taking precautions, as a former employee of the college may have accessed private employee information like social security numbers, birth dates and addresses.
Thursday, an email was sent out to nearly 2,600 employees, warning them of the possible incident.
Source - News14.com
Interesting how they found this...
http://www.pogowasright.org/article.php?story=20070921193319162
(updated) Citigroup Customer Data Leaked on LimeWire
Saturday, September 22 2007 @ 08:31 AM EDT Contributed by: PrivacyNews News Section: Breaches
Citigroup has confirmed that it's investigating a data breach involving the names, Social Security numbers and credit information of 5,208 customers leaked by an employee of its ABN Amro Mortgage Group unit onto the LimeWire peer-to-peer file-sharing network.
Tiversa, a company that monitors P2P networks on behalf of clients, told eWEEK that it found Excel spreadsheets from the desktop of a financial analyst at ABN Amro Mortgage Group running LimeWire. Although Tiversa found over 10,000 files, deduplication revealed only 5,208 unique Social Security numbers, along with names and what type of mortgage each customer had: conventional, 30-year or conforming, for example.
Source - eWeek
Interesting where Pogo found this one...
http://www.pogowasright.org/article.php?story=20070921193442215
(update) Gander Mountain Announces Recovery of Pennsylvania Store Computer; Confirms No Customer Data Was Compromised
Friday, September 21 2007 @ 07:34 PM EDT Contributed by: PrivacyNews News Section: Breaches
Gander Mountain Company (Nasdaq: GMTN - News) today announced the recovery of computer equipment containing certain customer transaction information relating to a single store in Greensburg, Pennsylvania. An independent security assessment firm has verified that no customer data was accessed or compromised.
Source - PRNewswire
“Why? Because we can, you silly American.” Note: This sounds logical...
http://www.pogowasright.org/article.php?story=20070921111332886
French Plan to Screen DNA of Visa-Seekers Draws Anger
Friday, September 21 2007 @ 11:13 AM EDT Contributed by: PrivacyNews News Section: Non-U.S. News
The French National Assembly on Thursday approved a controversial proposal authorizing the use of DNA testing to determine whether foreigners applying for visas are actually related to family members they seek to join in France.
The plan, part of President Nicolas Sarkozy's efforts to make it tougher for foreigners from Middle Eastern and African countries to immigrate to France, prompted outrage from human rights groups, opposition politicians and some members of the president's cabinet.
Source - Washington Post
“Why? Because we can, you silly American.”
http://www.pogowasright.org/article.php?story=2007092110551457
Federal Agent Indicted For Using Homeland Security Database To Stalk Girlfriend
Friday, September 21 2007 @ 10:55 AM EDT Contributed by: PrivacyNews News Section: In the Courts
A special agent with the Department of Commerce has been charged with unlawfully accessing a database within the Department of Homeland Security to stalk his former girlfriend and her family.
Benjamin Robinson, 40, of Oakland, Calif., was indicted by a federal grand jury in San Jose Wednesday in connection with allegations that he accessed a government database known as the Treasury Enforcement Communications System (TECS) at least 163 times [See? They keep logs. Bob] to track a woman's travel patterns. He is being charged with making a false statement to a government agency, and unlawfully obtaining information from a protected computer.
Robinson faces a maximum of 10 years in prison and a fine of $500,000.
Source - InformationWeek
More like this! I doth implore
Other judges are such a bore
Writing opinions in boring prose
Whilst you use poesy to state your NOs!
http://wbztv.com/watercooler/local_story_264093314.html
Sep 21, 2007 9:21 am US/Eastern
N.H. Judge Rhymes Ruling To 'Green Eggs And Ham'
(AP) CONCORD, N.H. A New Hampshire prison inmate's file drove a federal judge to rhyme to express himself.
U.S. District Court Judge James Muirhead reached for Dr. Seuss' "Green Eggs and Ham" for inspiration when a prison inmate protesting his diet attached a hard-boiled egg to documents sent to court.
"I do not like eggs in the file.
I do not like them in any style.
I will not take them fried or boiled.
I will not take them poached or broiled.
I will not take them soft or scrambled
Despite an argument well-rambled,"
Muirhead wrote in his response to inmate Charles Wolffe.
He then ordered the egg destroyed: "No fan I am Of the egg at hand. Destroy that egg! Today! Today! Today I say! Without delay!"
Wolffe says he is an Orthodox Jew and has accused prison officials of refusing to feed him a kosher diet. He is seeking the proper foods and $10 million from the state. His case has been scheduled for a trial. [“an argument well-rambled” does it every time. Bob]
This company clearly looks at the logs of system activity. Why can't companies that allow Data Spills do the same?
http://techdirt.com/articles/20070920/202649.shtml
Fired For Using eBay At Work
from the did-they-at-least-buy-anything-good? dept
There have been a bunch of bogus stories over the years (usually placed by companies that sell internet filters) about the productivity losses of personal surfing at work. However, other studies have shown that personal surfing tends not to be a problem for most people. It helps ease the work-life balance that has all too often created a situation where "work" interrupts "life." Thus, it seems only fair for "life" to occasionally show up at "work." In fact, one study showed that people who do personal surfing at work tend to make it up either by being more productive or putting in extra work time from home. The key, really, is to look at whether or not the person is getting their job done. If they're able to get the job done, then does it really matter if they spend some excess time surfing?
Over in the UK, there's a story about nine office workers who were fired after it was discovered that they had spent up to two hours a day on eBay. That seems like quite a bit (though the "up to" part can be misleading). However, some questions aren't answered. For example, there's no indication as to whether or not it impacted their job performance. It's also not clear from the report if these workers were exclusively using eBay or just had the window open while doing other things. Right this second, I have about eight or nine browser windows open. Most are work related, but a few are not -- but if I leave the window with the latest baseball scores open all day, it doesn't mean I only was checking baseball scores all day. The employees apparently are represented by a union -- but rather than arguing the points I've mentioned here, they're actually arguing that it's (get this) the employer's fault for putting temptation in the way of these workers and not filtering out eBay. That seems ridiculous and hopefully doesn't get any support at all.
Pirate Bay may press the case just to amuse their users (who will probably gleefully contribute to the “counter-attack fund”)
http://techdirt.com/articles/20070921/180540.shtml
The Pirate Bay To Sue Entertainment Companies For Attacks
from the could-get-interesting dept
Well, this could get interesting. Following the leak of MediaDefender's emails, the folks behind The Pirate Bay now believe they have enough evidence to sue many major entertainment firms for "infrastructural sabotage, denial of service attacks, hacking and spamming." Basically, there's evidence in the emails that a bunch of firms, including Universal, EMI, Sony, Paramount and others were using MediaDefender to try to mess with The Pirate Bay's system. Whether or not the lawsuit actually goes anywhere may depend on a lot of factors (including Swedish laws, which I am totally unfamiliar with). There may be some questions about how the emails in question were obtained. And, of course, the entertainment companies will likely counter that they were just trying to protect their own materials -- which could find a sympathetic ear in a courtroom. Either way it would be quite a lawsuit.
[Also see: http://thepiratebay.org/blog/86 ]
Dumb student? “Any sufficiently advanced technology is indistinguishable from magic.” Arthur C. Clarke The Tremendously Suspicious Agency doesn't like magic.
http://it.slashdot.org/article.pl?sid=07/09/21/1849208&from=rss
MIT Student Arrested For Wearing 'Tech Art' Shirt At Airport
Posted by Zonk on Friday September 21, @03:56PM from the don't-be-a-jerk-to-the-police,-they-have-guns dept.
SuperBanana writes "According to a report by the Boston Globe, MIT Student Star Simpson was nearly shot by Logan Airport police who thought she was armed with a bomb. She approached an airline employee wearing a prototyping board with electronic components, crudely attached to the front of her sweatshirt and holding 'putty' in her hand. She asked about an incoming flight, and did not respond when asked about the device. Armed police responded. 'Simpson was charged with possessing a hoax device and was arraigned today in East Boston Municipal Court. She was held on $750 cash bail and ordered to return to court Oct. 29. "Thankfully because she followed our instructions, she ended up in our cell instead of a morgue," Pare said. "Again, this is a serious offense ... I'm shocked and appalled that somebody would wear this type of device to an airport."'"
This may have some potential. Imagine providing your own commentary on the political debates or annotating a demo video.
http://www.killerstartups.com/Web20/tjoon--Create-A-Split-Screen-Video/
Tjoon.com - Create A Split Screen Video
Want to create a lively split screen video? Want to jam out with others? All you need is a web camera and you can visit Tjoon and create split screen videos. Register and start your video. Simply go to record your Tjoon, connect your web camera and hit the red button to record. You can record 30 seconds of each screen or as many screens up to four. Collaborate with other Tjoon users, start a beat with your keyboard and ask them to elaborate with other instruments. Take a look at the most popular and most recent Tjoon lists to get an idea of what you can do or visit the blog to see what people are talking about. You think that a Tjoon is excellent, say so by leaving a comment or rating the video. Be creative and make cool split screen videos at Tjoon.com.