Now Available:

Featured Resources:

Newsletter

Email Address:


Ask the Expert

Have a question for our resident expert? Email your questions to Rebecca.

Addressing Web-Based Access and Authentication Challenges

From: The Essentials Series: IT Compliance - Volume II

By: Rebecca Herold

Many incidents occur through access and authentication vulnerabilities. Let’s look at some highlights of a recent event that may have been the result of such weaknesses.

  • Sometime in December 2006, TJX Companies Inc. discovered vulnerabilities in their computer systems and networks that allowed unauthorized access to their data, including their customers’ personally identifiable information (PII).
  • On January 17, 2007, TJX announced its computer network that handles customer transactions for around 2500 retail stores was hacked into, and PII, including credit, debit, and driver’s license information, was stolen.
  • On January 22, the Massachusetts Bankers Association (MBA) said that banks had to cancel and reissue cards affected by the breach and that the banks that issued the cards, rather than individual consumers, would cover all fraudulent purchases.
  • On January 24, the MBA said that fraudulent use of the stolen debit and credit card information from the TJX breach had been reported by banks in Florida, Georgia, and Louisiana, as well as overseas.

Access to this article or resource requires registration

Registration is absolutely free! You will receive access to all articles, eBooks, and white papers in the Realtime IT Compliance Digital Library.

In addition, you will gain access to Realtime Nexus, the world's leading portal for free Information Technology eBooks.

Enter your email address and click JOIN NOW

E-mail address:

Already registered?

Sign in here:

Email address:

Password:

PLEASE NOTE: If you are a Realtime Nexus user, then use your Nexus login and password. The login is your email address.

Forgot your password? Click here.