TK Maxx credit/debit card fraud. Buyers between Jan 03 & June 04 at risk

peterbaker

dc, that sentence you quote is a nonsense.

Are you trying to prove black is white, or that grey is acceptable?

dc

No just that the link to UK identity theft is tenuous to say the least. Where is the proof?


Plus the data stolen is 4 or 5 years out of date. Martin said that on TV last night.

The Tmes report refers to
"Everyone who paid with credit or debit cards at any branch of TK Maxx between January 2003 and June 2004 is at risk. "

They TJX may of course be lying.

trisontana

dc wrote: »

No just that the link to UK identity theft is tenuous to say the least. Where is the proof?


Plus the data stolen is 4 or 5 years out of date. Martin said that on TV last night.

The Tmes report refers to
"Everyone who paid with credit or debit cards at any branch of TK Maxx between January 2003 and June 2004 is at risk. "

They TJX may of course be lying.

And by now most of those cards will have been replaced.

peterbaker

dc wrote: »

No just that the link to UK identity theft is tenuous to say the least. Where is the proof?

Proof of what? TKMaxx security lapses?? Do you work for them or are you just inexplicably trying to put people off guard?

Plus the data stolen is 4 or 5 years out of date. Martin said that on TV last night.

Well if Martin said it in the way you are saying it then he apparently did us no favours on this occasion, did he?

It would appear that the data stolen might be 3 or 4 years old, but we all know that some cards are long dated. My girlfriend has one that she used in TKMaxx several times that has 6 or 7 year validity period. Not the norm, I know, but 3 years isn't unusual, especially for cards that were issued 3 or 4 years ago.

Did we not read that the stolen data was apparently being used in December 2006, and might it still be being used?

2006 minus 3 = 2003
2007 minus 3 = 2004
i.e. a continuing valid credit card risk for some people.

In fact, without hunting very far at all I now have a receipt here in my hand dated December 04 from TKMaxx which reminds me I have a very very typical debit card which was issued in March 04 and doesn't expire until the end of June 2007. I am sure I used it at TKMaxx during the period in question too.

The Times report refers to "Everyone who paid with credit or debit cards at any branch of TK Maxx between January 2003 and June 2004 is at risk."

i.e. a personal data theft risk to EVERY card user who shopped there during that period IN ADDITION to the direct risk of card fraud to people like me whose cards did not expire long ago or even worse, are still valid.

Now then, would you perhaps now desist from attempts at disemminating disinformation, dc, whether it is your own or anyone elses disinformation? (please)

Thank you.

dc

peterbaker wrote: »

Proof of what? TKMaxx security lapses?? Do you work for them or are you just inexplicably trying to put people off guard?

Proof that any UK customer has been a victim of fraud, and that fraud was a result of shopping at TKMaxx.

The security lapse was definitely in the USA at tJmaxx, the link to Watford is AFAIK a journalistic licence.

Off guard???? if you read my first post I said,
"By all means keep an eye on your card transactions, as you should do regularly anyway. This advice applies to all credit card useage, not just with TK Maxx.

Has your girlfriend suffered as a result of shopping there? Dec 04 comes after June 2004, seeing that you are determined to make a link? I cannot see that detail being stored on a computer in the USA. Or are you just reacting to the news?

James

Unfortunately where card details are used to comit fraud it is almost impossible to trace the source of the compromise. That is unless the will is there by the card industry to do some joined-up investigations, which in turn may lead to a loss of faith in the system.

peterbaker

dc wrote: »

Has your girlfriend suffered as a result of shopping there? Dec 04 comes after June 2004, seeing that you are determined to make a link? I cannot see that detail being stored on a computer in the USA. Or are you just reacting to the news?

dc, I have decided you are either seriously missing the point, or you are a stooge (I have seen a lot on MSE over the years).

Well done for spotting that December 2004 comes after June 2004.

Determined to make a link?? The link already exists.

I wrote that without too much trouble I found a receipt from TKMaxx dated December 2004 which contained printed details of my card at that time, and which, lo and behold, is still my current card. Furthermore, when I checked the card itself, it was in fact my current card as probably used a number of times in TKMaxx as far back as March 2004 because that's when it was issued.

You might note that March 2004 comes before June 2004.

I haven't bothered to hunt out any further receipts from earlier than the one I found because I KNOW I was already a customer of TKMaxx, probably as far back as December 2003 in fact.

I already have all the information I need at this stage to get angry and with good reason. I now know I am at risk of being defrauded as a direct result of TKMaxx questionnable personal data retention policy and security lapses until someone in authority tells me I am not and why not. Now if TKMaxx would like to come clean as to exactly who is truly effected instead of being mealy-mouthed about it, then I might be able to eliminate myself and my girlfriend from the list of hundreds of thousands who are today at risk. Until then, I am entitled to criticise the hell out of them. What were they thinking of anyway? Retaining data that apparently was sufficient to make further transactions without authority? Some jolly wheeze to protect themselves from potential future cashflow problems perhaps by retaining data that would enable them to "accidentally" make repeat transactions a year after the first or some such scheme??

I have had that happen in another scenario so don't be tempted to dismiss it too easily.

As for whether my girlfriend has lost any money at this stage, how the hell do we know unless we trawl through heaps of statements looking for what exactly?? That's why I am so angry about it. TKMaxx have gone quiet and are just waiting for the storm to blow over. Lazy uncaring sh*ts!

Neither TKMaxx nor anyone else have offered their customers any clue about what type of fraudulent transactions have been discovered on other people's accounts. Very helpful (NOT!).

TKMaxx is one of those interesting companies that just spring from nowhere. There are still many in the UK who have never heard of them, but yet they are in every major shopping mall in the South and probably all over UK. They invested in the UK very suddenly and very fast and their business has always fascinated me. Apart from the better stuff on their clothes rails, they have an awful lot of shelves full of old tat, a lot of which gets more and more tatty for weeks on end and does not move until the day it is accidentally dislodged for the hundredth time that week and smashes completely on the floor. And the Customer Services desk is always full of people bringing back multiple items within their 30 day no quibble returns policy. What makes it viable, I wonder?

Trying to work out when and if they have ever made or will ever make a profit is a bit like wondering about how Ryanair can make a profit selling £10 flights.

PS And ds, please don't lecture us on checking all our card statements carefully and regularly. We might need to when we learn of very tiresome security lapses like this, but we certainly wouldn't have to if our personal data is stored safely like we are entitled to expect from major retailers. Indeed not so long ago the message from our credit card companies was that we need not worry as we are fully protected from fraud. So many people don't check regularly, only when a news story like this breaks.

dc

I posted to point out that the British media has resorted to its usual headline grabbing scare tactics, and it seems to be working.

I am in no way condoning what happened in the USA, trying to point out that that the danger was being overstated by the UK press. AND that this is OLD news. (10 wks)

TJX discovered the hacking just before "The Holidays" (ie Christmas) they deliberately sat on it, I wonder why?
They eventually confessed/broke the news mid January. It was big news because it concerned the computer records of their two main businesses, TJMaxx ( not TKMaxx) and Marshalls (big mail order and retail business in States).

Why has it taken the UK media over 2 months to catch on to the story, with tenuous links to TKMaxx's computer records?

I honestly believe you are worrying unescessarily, and that your red mist is pointed in the wrong direction. A hell of a lot of companies keep that sort of info, but hopefully is encrypted, unlike the TJX data.

Doesn't your bank offer protection against electronic card theft, mine says it does, and the only time it happened to me I was fully refunded, though admittedly inconveneinced to say the least.
Your card details are more at risk in a restaurant or petrol station.

No I am not a plant,
I have used my card at both TJMaxx and Marshalls in 2003/4 in the States, so no doubt my card details would on their computers. But not enough data to concern me.
I am more scared of crossing the road, than having my details used fraudulently, because the American approach to card use is different.
They don't use chip and pin, so they don't have my card security details nor the number on the back. They do not have my address. I cannot use my cards for mail order there because I don't have a US address.

If I were a US citizen, then I would be more worried, because for card security they have to give their driving licence details or social security number ( National Insurance over here), as proof of identity and those were the sensitive details on the hacked computer records. That is what the fuss is about there.

PS BTW they started their UK ops in Bristol in 1993, the logo is exactly the same as their US shops, but changed the J to a K, possibly so that they could tell the difference.;)

James

Tavelodge disclose card details to phoney cops.

Story here.

Location: Trravelodge - Skipton, North Yorkshire.

trisontana

James wrote: »

Tavelodge disclose card details to phoney cops.

Story here.

Location: Trravelodge - Skipton, North Yorkshire.

Very old news and a non story really :-


'A Travelodge spokesman said: "In July 2005 some customer information was obtained by deception from our Skipton hotel.


"Just two illegal transactions were made of minimal value. Since this incident, no customer paperwork is stored at hotels and staff have been trained to deal with this type of crime." '