? TJX theft tops 45.6 million card numbers TJX公司被盜取45600000卡號 Robert Lemos, SecurityFocus 2007-03-30 ? More than three months after detecting a breach of its systems, retail giant TJX Companies released this week its best guess at the number of customers whose credit-card information and other data were stolen by online thieves. TJX公司經過3個月的系統漏洞探測分析，發現許多的客戶信用卡和用戶信息在互聯網被盜。 Information from at least 45.6 million credit cards had been stolen by unknown attackers who had breached the company's computer transaction processing systems between July 2005 and mid-January 2007, TJX stated in its annual report filed with the U.S. Securities and Exchange Commission (SEC) on Wednesday. It's a number that will only likely grow larger: The tally of 45.6 million credit-card accounts was calculated from data records for transactions processed between December 31, 2002 and November 23, 2003. Data files after November 2003 were deleted in the "ordinary course of business" but not before the records were likely stolen, TJX stated in its annual report. TJX在星期三的年度報告上用了大段篇幅談到業務安全問題（安全業務代理），目前還不知道是誰所為，從2005年7月到2007年1月中旬這個入侵者通過系統漏洞盜取了至少45600000個信用卡號。被盜取的信用卡號也許比公布的數字還要高。45600000這個數字是通過2002年12月31日到2003年11月23日的交易數字分析得出來的。 "To date, we have been able to identify only some of the information that we believe was stolen," the company stated in the report. "Deletions in the ordinary course of business prior to discovery of the Computer Intrusion and the technology used by the Intruder have, to date, made it impossible for us to determine much of the information we believe was stolen, and we believe that we may never be able to identify much of that information." 公司在報告中還說到：“到目前為止，我們僅僅能確認一部分的卡號已經被盜，公司幸好提前發現入侵，并發現了入侵者的入侵手段。到目前為止，我們不能確定具體盜取了多少信息。” The breach is the largest known data theft to date, topping the 40 million credit-card numbers put at risk by a breach of CardSystems Solutions' processing systems in 2005 and leaving in the dust the 26.5 million personnel files stored on a laptop and external hard drive which were stolen from the home of an employee of the U.S. Department of Veterans Affairs. The laptop was later recovered. 這是目前由于系統漏洞的原因導致數據被盜的最大額度，多達40000000個信用卡由于信用卡系統的原因裸露在危險的地方。在2005年，存儲有26500000個個人信息的硬盤被盜，原因是這個存儲數據的硬盤被發現在一個職員的家里，之后這臺筆記本的數據被刪除。 The TJX breach became public in January when the company announced it had discovered that online attackers had compromised its network. Originally the company thought the first attack had occurred no earlier than May 2006, but in late February, announced that evidence pointed to intrusions as far back as July 2005. Banks have reissued a large number of credit-card accounts put at risk by the breach, and Florida law enforcement has stated that a ring of gift-card fraudsters had used the stolen numbers to buy more than $8 million in merchandise. 當公司在1月份公布發現入侵者入侵系統的時候，他們認為黑客可能是在2006年5月份入侵系統的，沒有想到黑客早在2005年7月就入侵了系統。銀行重新發布了大量的信用卡帳號，Florida（美國州名）州法律剛剛公布了一個法律關于用戶卡被盜的法律。這個法律用于當卡被盜的時候，將承受高達8000000美元的罰款。 ? The company minimized such reports in its financial statement. 公司在這份報告中還涉及到減少財政狀況。 "While we have been advised by law enforcement authorities that they are investigating fraudulent use of payment card information believed stolen from TJX, we do not know the extent of any fraudulent use of such information," the company said in its annual report. "Some banks and payment card companies have advised us that they have found what they consider to be preliminary evidence of possible fraudulent use of credit payment card information that may have been stolen from us, but they have not shared with us the details of their preliminary findings." “當我們咨詢相關法律專家后發現：是入侵者從TJX公司盜取用戶卡信息的，我們不知道任何有關盜竊的過程和這些信息被盜取后的用途。“一些銀行和信用卡公司建議我們給他們提供相關被盜信用卡信息以防止這些卡的信息被泄漏，但是他們沒有反饋他們發現的問題。 company found that two of its computer networks had been breached. The online attackers compromised the company's systems in Framingham that process and archive transactions and returns from its stores in the U.S. and Puerto Rico as well as its Winners and HomeSense stores in Canda, the firm stated in its annual report. Attackers also breached "a portion of our computer systems" in Watford, U.K., that process and archive transactions from the company's T.K. Maxx stores in the United Kingdom and Ireland, TJX stated. 公司發現公司內部網絡已經被入侵，入侵者從Framingham入侵系統，并且把一些文件傳送到他們的機器中。黑客們也入侵了在U.K.“的部分系統”。他們從存儲其中獲取了一部分數據。 Only about a third of the credit-card accounts, about 15 million, are likely at risk because of the attacks, because the other two thirds of the credit-card numbers had expiration dates that had passed at the time the accounts were stolen, according to TJX's report. However, the company did not have information on the number of credit-card issuers that used the same numbers when extending the expiration date. 報告中還指出：大約有三分之一的信用卡，大約15000000個信用卡號由于入侵者的原因，他們正處于危險之中。另外的三分之二個卡號由于已經過期。然而，公司由于沒有信用卡發行者的相關信息，導致當卡過期的時候，公司不能確定卡的有效期時間。 In addition, more than 450,000 names, addresses and personal ID numbers (in most cases, the person's Social Security number) were also taken from the servers, the company stated. 另外，多達450,000個名字，地址和個人ID號（個人社保卡卡號）將被泄漏，我們也把這些信息放在服務器上。 The latest details revealed by TJX's annual report could further worsen the company's financial situation, said Bruce Cundiff, senior analyst for Javelin Strategy and Research. The company has already recorded a pre-tax charge of $5 million to pay for expenses caused by the breach. 高級分析師Bruce Cundiff說道：在最近的TJX的年度報告中顯示公司的財政狀況，公司已經拿出5000000美元的投入專門用來解決系統漏洞的問題。 "The more news that comes out, the worse it seems for TJX," Cundiff said. "I don't think we have seen the punishment yet that the market is going to bring to bear due to customer dissatisfaction." Cundiff說：“更多的信息顯示，TJX的情況將會更糟，我們當然不想看到TJX公司變得更糟，但是由于客戶的不滿情緒，市場上已經對TJX的公司的信任度有所轉移。“ In a survey that the analyst firm will release next week, Javelin found strong evidence that consumers are likely to vote with their feet. "They are really giving a strong indication that, if they know about a data breach--and TJX is really the most publicized to date--there is a strong chance they will never shop at that store again," Cundiff said. 下周將得出更詳細的調查結果，Javelin發現TJX客戶的一些情況：“他們的想法很明顯：如果他們知道TJX的用戶信息被盜——如果TJX宣布了這個消息——那么他們將不再去TJX的商店買東西了。” ? The retail giant is besieged with consumer legal actions as well. According to the annual report, consumers have filed 12 lawsuits against the company in the U.S. and another six in Canada. A group of Massachusetts banks have filed a lawsuit for the cost of replacing consumers' credit cards and other damages, and the Arkansas Carpenters Pension Fund, which reportedly owns 4,500 shares of the company, has commenced proceedings to open up the company's books. 公司也承受著被消費者起訴的困擾。在年度報告中分析：在美國法律中，消費者可以通過12個法律條款來起訴他們，而在加拿大則有6項條款。在Massachusetts（美國州名）州的一些銀行已經開始整理相關的法律文件來應對突發事件。據說，Arkansas Carpenters Pension基金公司則已經開始整理所屬4500個用戶的相關信息。 The U.S. Federal Trade Commission and a group of 30 states' Attorneys General have started separate investigations. The Office of the Privacy Commissioner of Canada has also initiated a formal investigation, TJX stated in its report. 在TJX的報告中指出：美國聯邦商業委員會的30個國家的首席部長已經開始逐個調查他們所屬系統情況。在加拿大的調查委員也已經展開了秘密調查。 The company has hired IBM and General Dynamics to help investigate and improve its security. In addition, the U.S. Secret Service is investigating the intrusions. 公司已經雇傭IBM和General Dynamics（國防承包商）公司來幫助他們完善和增強他們系統的安全性，最后由美國安全服務商來調查入侵者情況。 ?

總結

以上是生活随笔為你收集整理的TJX theft tops 45.6 million card numbers——TJX公司被盗取45600000卡号的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。