TJX Sales Are Up; So Are Data Theft Costs
FRAMINGHAM, Mass – TJX Companies, parent of discount retailers T.J. Maxx and Marshalls dogged by continuing data theft costs, is reporting increases of 9% in net sales from continuing operations in the second quarter of their fiscal 2008, to $4.3 billion. Income from continuing operations in Q2 was $59 million, and diluted earnings per share from continuing operations were 13 cents, the company said in a release.
The company is estimating the cost of what has been the largest customer data security leak in history, after cyber-thieves stole some 45 million customer records. TJX has reportedly spent $20 million on the investigation and incident’s uncomfortable aftermath. But there’s more: In Q2 of fiscal 2008, “the company recorded an after-tax cash charge of approximately $118 million, or $.25 per share” related to the intrusions, according to a press release. That figure includes a $107 million reserve to cover estimated losses. TJX expects at least to lose $21 million more in fiscal 2009 related to the incidents.
Carol Meyrowitz, CEO of The TJX Companies said “We have continued to learn more about the computer intrusion(s) and are now able to estimate the Company’s liability. Over the past months, we have worked diligently to further strengthen the security of our computer systems. Our customers remain our top priority, and I sincerely thank them for their support during this time.”
According to an anonymous source interviewed by InofrmationWeek, “Poorly secured in-store computer kiosks are at least partly to blame for acting as gateways to the company’s IT systems.” Hackers used these kiosks, placed for electronic job application, to upload software that funneled data directly from the company’s unsecured network.
Separately, The Wall Street Journal reported data theft via an unsecured Wi-Fi network accessed by thieves in a Marshalls parking lot last May.