Wednesday, June 13, 2007

TJ Maxx: Privacy and Consumer Apathy

Information Week is reporting on the financial statements for TJ Maxx following the massive security breach last year and – surprise! – sales at the retailer are up 6% over last year.

Given the scale of the breach – customer financial information dating back to 2003 was stolen – and the revelation that TJ Maxx was retaining far more information on customers far longer than required to support the transaction, I am surprised that sales did not go down. What message are customers sending to retailers about the importance of privacy and the trust that consumers place in them when making a transaction? Are customers so weary of hearing about security breaches that they have become apathetic to the issue?

It’s not that TJ Maxx hasn’t made an effort to redress the problem:

The company reported a charge of $20 million, or 0.5% of net sales for the last
quarter of 2006 toward investigating and containing the computer intrusion, work
to improve the company's computer security and systems, communicating with
customers, and technical, legal, and other related costs
And many irate consumers are taking the issue to court:

TJX is facing class-action lawsuits from customers in state and federal courts
in Alabama, California, Illinois, Massachusetts, Michigan, Ohio, and Puerto
Rico, as well as in provincial Canadian courts in Alberta, British Columbia,
Manitoba, Ontario, Quebec, and Saskatchewan. Additional class-action suits from
financial institutions affected by the computer intrusion -- those
issuing
credit and debit cards used during the time of the intrusion
-- have been
filed against TJX in federal court in Massachusetts. All-told, nine lawsuits
have been filed against TJX since April 17.
Still, it is stunning that a retailer can expose consumers to one of the largest and most costly security breaches in history and the shoppers just keep on shopping.

5 comments:

Anonymous said...

I agree with the questions on this issue pertaining to the apparent customer apathy, but I'd like to add that this is the first I've heard of this T J Maxx information theft.

I consider myself fairly attentive to such news stories, but apparently I missed this one. Is it possible that it was under-reported on mainstream and online news outlets?

Thanks again for bringing attention to these issues.

Ballard said...

Not to jump into the deep-end of the stereotype pool, but I wonder what percentage of TJ Maxx customers are all that financially or technically savvy, of for that matter, what proportion watch news with any regularity. Unless TJ Maxx sends each possible victim a direct (and coherent) letter, I suspect most will have no idea that this has happened.

Sharon E. Herbert said...

Hi Adam, This was very widely reported on the CBC in Canada - I heard about it on the radio. I also recall seeing a lot about it on the Internet at the time.... Anyone else recall?

Sharon E. Herbert said...

Ken, it is certainly a possibility that many customers were unaware. The TJ Maxx website (we have Homesense and Winners in Canada)has a customer alert at the top of their webpage, but as you mention, customers shopping in the store may not have been aware or informed. Thanks for your commment!

Anonymous said...

I'm a former TJMaxx employee (worked there two years ago), and I'm also fairly attentive to current events...this is also the first time I'm hearing about this "massive security breach"...

So, I'm also in the camp that assumes that most shoppers have been unaware of the breach.