TJX Cos., a discount retailer that operates the T.J. Maxx and Marshalls stores, said the unauthorized intrusion into its computer systems may have occurred beginning in July 2005, almost a year earlier than the company previously believed.
Credit and debit card data from transactions in the U.S. Puerto Rico and Canada between January 2003 and June 2004 may have been compromised, Framingham, Massachusetts-based TJX said in a statement today. Names and addresses weren’t included in the data believed that may have been accessed.
TJX said Jan. 17 that computers with customer transactions were accessed by intruders. The retailer took $5 million, or 1 cent a share, in charge for the intrusion-related costs in the fourth quarter.
The retailer, which continues to investigate the breach, also found additional drivers’ license numbers with related names and addresses that it said may have been accessed by intruders. An intrusion to the portion of its computer system that processes transactions in its U.K. unit T.K. Maxx also has been found.
Separately, the company said fourth-quarter net income fell 29 percent to $205.5 million, or 43 cents a share, from $288.7 million, or 60 cents, a year earlier. The closing of 34 A.J. Wright stores hurt profit by 8 cents a year.
Excluding that and a 1-cent-per share cost related to the computer systems intrusion, TJX had profit of 52 cents, 1 cent above the average estimate of analysts surveyed by Bloomberg.
