Didn’t get a letter in the mail about the TJX breach?
By Consumers Union on Wednesday, January 24th, 2007
You’ve likely heard about the hacker that made way into the TJX database (operators of retail chains including TJ Maxx and Marshalls) full of drivers’ license, credit card, debit card information recently, or maybe not so recent as some reports are now saying the breach may have occured in May.
But will you get a letter, phone call or email letting you know if your numbers (account, driver’s license, etc) was part of this data breach? But don’t hold your breath, you may not be getting that notice, depending on what state you live in and the size of the breach.
For instance, in California (who has one of the “gold” standard notice of data security breach laws), if the cost of notify consumers is more than $250,000 or more than 500,000 persons need to be notified, you won’t be getting that individualized letter. Instead, your more likely to hear about the breach from the media (although the requirement includes sending out an email if there is one, and a “conspicuous” posting on the person or business’ website). And in Pennsylvania, as the Pittsburg Post-Gazette, if more than 175,000 PA consumers need to be notified and it costs over $100,000, you won’t be getting a letter, call or email there.
Bottom line is, companies need to store our personal sensitive data like it’s worth something.