BreachExchange mailing list archives
follow-up: How TJX Avoided Wall Street's Wrath
From: security curmudgeon <jericho () attrition org>
Date: Wed, 6 Feb 2008 08:23:24 +0000 (UTC)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://www.cio.com/article/179603 By Thomas Wailgum February 05, 2008 CIO.com By the end of 2007, The TJX Companies, which owns T.J. Maxx, HomeGoods and Marshalls stores, had reported that approximately 100 million credit and debit card owners' information had been compromised by hackers, possibly dating back to 2003. The size and scope of the breach, as well as the lack of adequate security controls to mitigate the criminal activity, were breathtaking. And yet Wall Street analysts didn't seem to care. In January 2007, when TJX first announced the "unauthorized intrusions," its stock traded around $29.The price hit a low of $26 in the spring as the scope of the breach expanded, but the stock price rebounded to a high of $32 in the fall. (In early February 2008, it was still trading around $32.) In fact, the lack of financial fury by the analyst community was entirely predictable. Research from Emory University's Marketing Institute in 2006 found that when a company announces a security breach its stock price drops between 0.6 percent and 2.1 percent, which is usually not a huge hit to the bottom line. To retail analyst Paula Rosenblum, a managing partner with Retail Systems Research, the reason why TJX was able to escape unscathed is simple: TJX's customers didn't care, so why should Wall Street. [..] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- follow-up: How TJX Avoided Wall Street's Wrath security curmudgeon (Feb 06)