TJX Fires Employee For Disclosing Vulnerability

Posted by kdawson on Tuesday May 27, 2008 @08:57AM from the shoulda-used-wikileaks dept.

I Don't Believe in Imaginary Property writes "A TJX employee was fired for an online post mentioning that TJX hasn't beefed up security after the recent, massive data breach that saw 94 million credit card numbers copied by criminals and money from their accounts stolen. The employee mentioned that, at first, their usernames were the same as their passwords. After they required stronger passwords, some managers complained, so they 'compromised' by allowing blank passwords. The whistleblower said he discussed his concerns with management, but that it was like talking to a brick wall. In spite of the weak internal security, TJX now has a firm that scours the internet to find bad things posted about them, which is how they found the message and fired him for it. Too bad they don't appear to have hired anyone to beef up operational security or to convince people to use strong passwords."

1 of 217 comments (clear)

Min score:

Reason:

Sort:

Re:ah well by twiddlingbits · 2008-05-27 14:58 · Score: 0, Flamebait

I didn't say he was anything. I was reacting to those who said he should have no trouble finding an IT Security job. I didn't question the premise of the employee's Job Title or not only the conclusion derived from it. I suggest your work on your LOGIC skills a little harder, your English seems fine. You must also be new here, it's common on /. to react without reading the full story. Get used to it. RTFA is not common. This country where I live (USA) is in pretty good shape considering the shape other countries are in. It's not perfect but it's better than most.