For Immediate Release - January 22, 2007

AG COAKLEY OFFERS ADVICE TO CONSUMERS ABOUT THE SECURITY BREACH ANNOUNCED BY TJX COMPANIES, INC.

BOSTON - On Wednesday, January 17, 2007, The TJX Companies, Inc., announced that it had determined that information was stolen from its computer systems that process and store information related to customer transactions. TJX reports that information regarding credit and debit cards sales transactions in TJX's stores in the U.S., Canada, and Puerto Rico during 2003, as well as such information for these stores for the period from mid-May through December 2006, may have been accessed. At this time, Federal law enforcement authorities are investigating the alleged breach. In light of this recent news, Attorney General Martha Coakley offers consumers information on how to protect their credit and debit information against identity theft.

To protect against identity theft, consumers who have shopped at the TJX Stores, including Marshalls, TJ Maxx, Home Goods, AJ Wright, and used their credit or debit card, or a check, to pay for goods purchased, may wish to take the following cautionary steps:

1. Call one of the three major credit bureaus and place a one-call fraud alert on your credit report:

  • Equifax: Call (800) 525-6285, and write: P.O. Box 740241, Atlanta, GA 30374-0241.
  • Experian: Call (888) 397-3742, and write: P.O. Box 9532, Allen, TX 75013.

    TransUnion: Call (800) 680-7289, and write: Fraud Victim Assistance Division, P.O. Box 6790 Fullerton, CA 92834-6790.

You only need to call one of the three credit bureaus; the one you contact is required by law to contact the other two credit bureaus. This one-call fraud alert will remain in your credit file for at least 90 days. The fraud alert requires creditors to contact you before opening any new accounts or increasing credit limits on your existing accounts. When you place a fraud alert on your credit report, all three credit bureaus are required to send you a credit report free of charge.

2. Order a copy of your credit report, and look for unauthorized activity. Look carefully for unexplained activity on your credit report.

3. If there is unexplained activity on your credit report, you may want to place an extended fraud alert on your credit report. If after reviewing your credit report you believe there is unexplained activity, you may want to place an extended fraud alert on your credit report. In order to do this, you need to file a police report with your local police department, keep a copy for yourself, and provide a copy to one of the three major credit bureaus. Then an extended fraud alert can be placed on your credit file for a 7-year period. This will mean that any time a user of your credit report (for instance, a credit card company or lender) checks your credit report, it will be notified that you do not authorize any new credit cards, any increase in credit limits, the issuance of a new card on an existing account, or other increases in credit, unless the user takes extra precautions to ensure that it is giving the additional credit to you (and not to an identity thief).

4. Contact the fraud departments of your credit card issuers or bank. You may want to contact the fraud department of the credit card company or bank that you used when you made purchases at the TJX stores. These financial institutions can monitor your account for suspicious activity. You may also wish to cancel these accounts; you can discuss this option with your credit card company or bank.

Additionally, TJX has established a toll free customer help line. Callers from the United States may reach the help line at (866) 484-6978. TJX has also posted information on its web site at www.tjx.com.

If you believe that you have been the victim of identity theft, you will need to take additional steps to protect your credit and your good name. For additional information, consumers may contact the Attorney General's consumer hotline at (617) 727-8400, or view the Federal Trade Commission's identity theft resource, available at www.consumer.gov/idtheft/.

##########