Skip main navigation

New offer! Get 30% off one whole year of Unlimited learning. Subscribe for just £249.99 £174.99. New subscribers only. T&Cs apply

Find out more

Data breaches and attacks

Looking at examples of security breaches and hacker attacks on large companies.

You have learned that collecting consumer data is a priority for many retailers, but protecting the information is sometimes problematic and the information is often the target of thieves. We often hear of security breaches and hacker attacks on large companies.

The TJX Companies breach

One of the first reported major retailing data breaches, and one of the biggest was reported in 2007 by TJX Companies, the parent company of more than 2,500 T.J.Maxx, Marshalls, and other stores. It was discovered that hackers had broken into their computer system, which contained millions of customer credit and debit card numbers along with drivers’ license numbers. The breach began when hackers intercepted wireless transfers at two Marshalls stores in Miami, which eventually led the hackers to break into TJX’s central databases. The information stolen, which dated as far back as 2003, was used to make fraudulent purchases all over the world.

According to an article published in The Boston Globe in August 2007, TJX Companies reported that costs from the breach had reached $256 million dollars (Abelson, 2007), which is approximately ten times the $25 million that the company estimated just three months prior. In 2009, Dan Kaplan reported that TJX agreed to pay $9.75 million to settle the 41 investigations being conducted by states’ attorneys general. This included $7.25 million in settlement fees and to cover the states’ costs for the investigations.

Additionally, the company agreed to provide $2.5 million for states to establish new data security funds and initiatives and develop best practices and consumer outreach. general. This included $7.25 million in settlement fees and to cover the states’ costs for the investigations. Additionally, the company agreed to provide $2.5 million for states to establish new data security funds and initiatives and develop best practices and consumer outreach.

The DSW (Designer Shoe Warehouse) breach

In another noteworthy attack, in 2007 a hacker gained access to 1.4 million DSW (Designer Shoe Warehouse) customers’ credit card and debit card numbers along with 100,000 checking accounts and drivers’ license numbers, resulting in fraudulent charges occurring on some of the customer accounts.

Consequently, after being notified of the breach, DSW customers had to close their accounts, incurring out-of-pocket expenses for items such as having to have new checks printed. DSW, which is a major national shoe retailer, collected the consumers’ personal information at the point of purchase including their name, credit card number, expiration date, and other “magnetic stripe” data. In investigating the case, the Federal Trade Commission (FTC) held DSW liable for having insufficient security measures in place to protect the information. They also required DSW to establish and maintain a comprehensive security program to ensure the safety of consumer data (Staff, 2015).

What was the outcome of these breaches?

As a result of the two computer breaches at DSW and TJX Companies, consumer advocates started calling for better protection of such data, and retailers would be held liable for failing to protect customer data (Abelson, 2007). However, even with more precautions being taken by companies who collect such data, due in part to the sheer amount of data that is being collected today, Juliana De Groot reports the number of data breaches in the United States has been rising steadily.

On the website DigitalGuardian.com she provides an interesting overview of the types of data breaches, a history of major data breaches as well as guidelines on how to protect data from a company and consumer viewpoint.

The attached table provides a look at some of the more notable data breaches in recent years. The table is available for download below.

In the world of business, there are a number of issues to consider concerning the collection of consumer information at the point of purchase.

This article is from the free online

Sales and Advertising Ethics in the Fashion Industry

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now