Security Breach at TJX
(7 pages of text)
The chief security officer of TJX Companies Inc. (TJX) faces a dilemma on his first day on the job. The company has discovered in December 2006, a computer intrusion dating back to 2005. There is an ongoing investigation, involving the Federal Bureau of Investigation (FBI) into the attacks. The company is also in the middle of several class action law suits over losses suffered by financial institutions due to breaches of customer privacy. The chief security officer has to focus on plugging the loopholes in the company's information technology (IT)security, in the short term, and taking steps to ensure in the long term that the attack does not recur. He also had to get the management of TJX to start looking at IT security not as a technology issue but as a business issue.
The objectives of this case are to:
- teach students the role that business leaders play in making decisions regarding the protection of IT assets
- teach students basic business concepts regarding security and privacy
- teach students about the scope and depth of adequate security plans
This case is suitable for all levels of students - from undergraduate to MBA to Executive MBA classes. Assignment questions are designed from the perspective of teaching this case to a business student audience. The case could certainly be adjusted to fit the needs of students in more technical disciplines.
United States, Large, 2007
$5.30 CAD / $5.00 USD Printed Copy
$4.50 CAD / $4.25 USD Permissions
$4.50 CAD / $4.25 USD Digital Download