[Dataloss] follow-up: How TJX Avoided Wall Street's Wrath
security curmudgeon
jericho at attrition.org
Wed Feb 6 08:23:24 UTC 2008
---------- Forwarded message ----------
From: InfoSec News <alerts at infosecnews.org>
http://www.cio.com/article/179603
By Thomas Wailgum
February 05, 2008
CIO.com
By the end of 2007, The TJX Companies, which owns T.J. Maxx, HomeGoods and
Marshalls stores, had reported that approximately 100 million credit and
debit card owners' information had been compromised by hackers, possibly
dating back to 2003. The size and scope of the breach, as well as the lack
of adequate security controls to mitigate the criminal activity, were
breathtaking.
And yet Wall Street analysts didn't seem to care. In January 2007, when
TJX first announced the "unauthorized intrusions," its stock traded around
$29.The price hit a low of $26 in the spring as the scope of the breach
expanded, but the stock price rebounded to a high of $32 in the fall. (In
early February 2008, it was still trading around $32.)
In fact, the lack of financial fury by the analyst community was entirely
predictable. Research from Emory University's Marketing Institute in 2006
found that when a company announces a security breach its stock price
drops between 0.6 percent and 2.1 percent, which is usually not a huge hit
to the bottom line.
To retail analyst Paula Rosenblum, a managing partner with Retail Systems
Research, the reason why TJX was able to escape unscathed is simple: TJX's
customers didn't care, so why should Wall Street.
[..]
More information about the Dataloss
mailing list