Eleven Alleged TJX Hackers Have Been Charged

Eleven people have been charged with hacking TJX and other major retailers. Three of the defendants are from Miami, the location of 1 is unknown and the rest are based outside the U.S. in locations including the Ukraine, Estonia, China and Belarus. The Department of Justice alleges that the defendants gathered the credit/debit card info by wardriving, which involves driving around with a laptop, antenna and wireless LAN adapter in order to identify and exploit wireless networks that have ranges outside of buildings. One of the potential protections companies can employ to combat wardriving is the WPA encryption standard. As previously reported, TJX was accused of not updating its systems appropriately to meet current standards. Further, a scan of 800 retailers conducted in New York earlier this year by AirDefense found that one-third of those retailers had no security on their wireless networks and another third had weak encryption, such as the flawed protocol TJX was accused of using.

For information about evaluating insurance forms providing security and privacy protections, review LJ’s Top 5 List of What to Watch Out For and Finding Coverage for Privacy Regulatory Imposed Civil Fines.