Citizens National Bank

MGMT305-1102A-10

By: Karen Horne9

May 27th 2011

Professor Raton

AIU

Abstract

The worst Data Theft Ever

The first question we have to list the security control weaknesses of the TJX Companies.

1). they had an old system Wired Equivalent Privacy (WEP) this system is easy for the information to be hack into.

2). they waited for 15 months before reporting the theft.

3). TJX neglected to install firewalls and the data encryption on their computers that had wireless network.

4). Then they did not properly install another type of security.

What management and the organization and technology contributed to this weakness? The management failed by not making sure that the systems was updated They claimed that they did not know if there was one intrusion or multiple intrusions but in Dec 18 they knew of the suspicious software by December 21st that the computer system had been intruded and was still on their system. The thieves drove around and scanned the company’s wireless networks then they installed a sniffer program that could affect the accounts overseas. They also sent information overseas to Ukraine, Latvia and the United states. The main point is they had the information to protect their customers information they just did not take the time to apply the updates. The technology that they used was able to get into Marshall’s and install a sniffer program within the chain parent company.

What impact that this had on TJX’s data loss and TJX, consumers, and banks? This cost the TJX Company over $202 million, but the banks spent over $300 million and they made an agreement with Visa U.S.A. where they had to establish a $40.9 million fund to compensate banks. That has been affected