"Many consumers are nervous about using their credit cards online, but in this case -- probably the biggest heist of credit cards in history -- the information stolen was from shoppers who had walked into a high street store, and bought their clothing face-to-face using plastic," said Graham Cluley, senior technology consultant for Sophos. "Big businesses must defend their systems from these kind of intrusions or risk undermining customer confidence. Consumers meanwhile need to keep a close eye on their credit card accounts and raise a flag if there are unexpected debits which could be the work of fraudsters."
A statement on TJX's Web site acknowledged that precise details of what had occurred remained sketchy: "We do not know who the intruder was, or if there were one or more intruders ... Due to the type of technology used in the intrusion as well as deletions of transaction data in the ordinary course, we can't now, and believe that we may never be able to, identify much of the information believed stolen."
The fact that TJX has not managed to identify customers who may be affected by the security breach has raised concern amongst some shoppers.
"It's understandable that people should be concerned that their credit cards may have fallen into the hands of hackers through no fault of their own. Members of the public who identify unauthorized or suspicious card use should contact their bank immediately," advised Cluley.