JACKSON — Attorney General Jim Hood, together with 40 other state attorneys general, has reached a settlement with TJX Companies Inc. The company is a discount retailer that owns stores such as T J Maxx and Marshall’s.
The “Assurance of Discontinuance” between the parties resolves an investigation concerning TJX’s data security practices and whether it adequately protected customers’ financial information and sufficiently guarded against a data breach that placed thousands of consumers’ personal data at risk, nationwide.
TJX has agreed to pay $9.75 million to the states involved, and to implement and maintain a comprehensive information security program designed to safeguard consumer data and address any weaknesses in TJX’s systems in place at the time of the breach. Under the terms of the settlement, the State of Mississippi will receive $26,837 to aid consumer protection enforcement and efforts to protect consumers’ personally-identifiable information.
In 2007, after TJX announced that certain persons had obtained unauthorized access to its computer systems enabling them to seize cardholder data and other personally identifiable information, the coalition of attorneys general conducted an extensive investigation into TJX’s data security policies and procedures in place when the breach occurred. That investigation uncovered a number of alleged vulnerabilities and flaws in TJX’s data security systems that facilitated the unlawful intrusion and allowed it to last undetected for an unacceptable duration.
The company cooperated fully in the states’ investigation.