Challenges and Security Issues

The Worst Data Theft Ever? The security control weaknesses that were shown at TJX companies were that they had a weak and vulnerable security network that allowed hackers to develop a sniffer which is “a type of eavesdropping program that monitors information traveling over a network” (Laudon & Laudon p. 302). Also TJX was found to be using an old WEP encryption system that is fairly easy for hackers to crack while other companies had switched to a much more secure program. An auditor had found that the company had disregarded the fact the need to install proper firewalls and data encryption on the computers used and did not have installed the extra level of security software that they had purchased. According to PCI’s standard companies are not to hold onto cardholder data but for a certain period of time and TJX was found to have been saving this information for years. In my opinion, TJX knew that there were issues going around and just seemed to take the cheap and easy way out and not installing the more secure programs in order to protect their customers from fraud and hackers. The company itself wasn’t just in trouble with the customers, but also with the credit card issuers as well but once they realized and reported those 45 million card numbers they should have gone to extreme measures to make the security changes. The impact was more on the customers than the company itself; however, the blame is to be placed on the company for not doing their part to ensure customer information. There were many reports made to banks and credit card issuers from the holders of fraudulent charges made on their accounts and this caused the banks to have to spend time investigating and returning the money to the cardholders that had been affected. I am sure that TJX was affected as well because people were not shopping there as much