|
|
« Rain, sleet, snow ... repeat | Today | Emergency registry to help those with special needs » December 19, 2007TJX, banks settle litigation over massive data breachBOSTON -- TJX Cos. and nearly all the banks and bank associations that sued the discount retailer over a massive credit card data breach said Tuesday they have settled the lawsuit for an undisclosed amount. Although both sides said the settlement total would remain confidential, TJX said the costs were covered by a $107 million reserve that it set aside against its second-quarter earnings. TJX also has said that $107 million would cover the costs of another breach agreement: a Nov. 30 deal with Visa Inc. to help pay a maximum $40.9 million to help the network's card-issuing banks recover expenses to replace customers' Visa cards. Between the two agreements and costs of about $125 million to boost security, TJX appears in good position to financially manage breach-related expenses, said Avivah Litan, a security analyst with Gartner Inc. "This was a big thorn in their side," Litan said. "It was costly, but in the end, it's just one blip on their balance sheet." Framingham, Mass.-based TJX, with $18 billion in annual revenue and 2,500 stores including T.J. Maxx and Marshalls, also faces pending state and federal investigations into the breach, which could result in fines. And one of the small banks that sued TJX last spring didn't agree to sign onto Tuesday's settlement, filed in U.S. District Court in Boston. Alabama-based Amerifirst Bank declined to take part in a deal that included state associations representing hundreds of banks in Massachusetts, Connecticut and Maine, as well as Massachusetts-based Eagle Bank and Saugusbank, and Connecticut-based Collinsville Savings Society. "Those parties obviously felt they did what was in their best interests, but we feel that TJX caused a grave injustice to banks across the country, and many of those banks are small community banks like Amerifirst," said Inge Johnstone, a lawyer for the bank. "We have a duty to continue representing our clients, and this case continues for Amerifirst." The banks sought unspecified damages for costs including expenses to reissue customers' credit cards and monitor for fraud. After initially disclosing the data heist in January, TJX said in March that at least 45.7 million cards were exposed to possible fraud in a breach of its computer systems that began in July 2005. But the breach wasn't detected until December 2006. Recent court filings by the banks that sued TJX put the number of cards affected at more than 100 million, based on estimates by officials with Visa and MasterCard, who were deposed in the lawsuit. It's believed to be the largest data breach ever, based on the number of customer records involved. -- The Associated Press Tuesday's settlement reimburses the banks for a negotiated portion of the costs and expenses the banks incurred, but doesn't include attorney fees. Bruce Spitzer, a spokesman for the Massachusetts Bankers Association, said the banks settled "because we believe we already achieved many of the objectives of the litigating...The public is now aware that the banks were not the source of the data breach." The settlement comes three weeks after the banks suffered a setback. U.S. District Judge William Young ruled that the banks could not pursue their claims as a class, and instead must individually seek to recover costs. The associations that agreed to settle - which also includes the Connecticut Bankers Association and Maine Association of Community Banks - are recommending that their member banks accept TJX's separate agreement with Visa. That deal hinges on banks agreeing to participate, and doesn't include other card networks like MasterCard. By taking part, the banks agree to waive rights to sue, in exchange for being paid for their breach-related costs by Dec. 27. Issuers of at least 80 percent of eligible Visa cards must accept the offer by Wednesday for the settlemcent to take effect. Posted by Jack Perry CommentsPost a commentPlease be civil. Vicious comments, personal attacks and profanity won't be published. Name and email are required; email address will not publish. |
|
ADVERTISING |
|
|
|
|
| Su | Mo | Tu | We | Th | Fr | Sa |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 | 31 |
ProJo 9 to 5 News Blog
Oct 2005 - March 2006