Watford at centre of 'world's biggest' card scam (From This Is Local London)

Watford at centre of 'world's biggest' card scam

8:54am Friday 30th March 2007 in

• Skip social links
• Print
• Email
•  

WATFORD is at the centre of what is thought to be the world's biggest credit card scam, it has been revealed.

Hackers have stolen the bank card details of millions of shoppers from the bargain retail chain TK Maxx, which has its headquarters in Watford.

The crooks stole 45.7 million credit and debit card numbers from the US and British-based computer systems of the American retailer TJX, which owns TK Maxx.

The data was accessed on TJX's systems in Watford, and Massachusetts over a 16-month period and covers transactions dating as far back as December 2002.

"We suspect that these files contained payment card transaction data, some or all of which could have been unencrypted and unmasked."

TJX spokesman

According to the BBC, 100 files were moved from its Watford computer system in 2003, and two files were later stolen.

The firm believes all of TK Maxx's 210 stores in the UK and Ireland were affected.

"We suspect that customer data for payment card transactions at TK Maxx stores in the UK and Ireland has been stolen," said the company.

"We suspect that these files contained payment card transaction data, some or all of which could have been unencrypted and unmasked."

A media scrum is starting to form outside the Watford HQ, but TK Maxx has refused to make a comment to its UK customers.

A TK Maxx spokeswoman told the Watford Observer to contact its parent company in the US for an official comment.

It's not known how many UK customers have had their details stolen or if any UK customers have been the victims of fraud.

However, US law enforcement agencies, including the FBI, said there was evidence that the information had been used for fraudulent transactions.

The firm does not know who the intruders were, or how many people were a part of the scam.

No UK police investigationScotland Yard said any British criminal investigation would fall under the jurisdiction of Hertfordshire police.

A Hertfordshire police spokeswoman said it had not launched an investigation as no complaint had been filed.

"If we were asked to investigate we would," she said.

The TK Maxx spokeswoman confirmed it had not filed a police complaint in the UK.

TJX president and chief executive officer Carol Meyrowitz said the company first learned of the probability of a breach in mid-December 2006, but it's believed their computer system was first "intruded" in July 2005.

In a press statement issued last week, the company revealed that customer transactions in the UK and Ireland could be involved.

TJX defended the delay in warning its customers of the security breach.

"The work involved in this investigation, which is ongoing, is extremely detailed and it has taken some time to check each finding for accuracy," Sherry Lang, TJX senior vice president of public relations, said.

The company urged its customers to carefully review their account statements and immediately notify their credit or debit card company or bank if they suspect fraudulent use.

Ms Meyrowitz added: "Since we learned of the probability of a breach in mid-December 2006, we have cooperated with law enforcement as well as with the banks and credit card companies that process our customer transactions," she said.

"With the help of computer security experts, we have strengthened the security of our computer systems and we believe customers should feel safe shopping in our stores."

• Customers in the UK should telephone the help line on 0800 779015.

• The TK Maxx website explains how to contact credit card issuers.