TK Maxx – poor wireless LAN security
Hackers gained access to TK Maxx's wireless LAN and stole 45 million customer records from the retailer's parent business. TJX, the parent company of TK Maxx, has protected its wireless network with Wired Equivalent Privacy (WEP), one of the weakest kinds of wireless LAN security. In the second part of 2005 and into 2006, hackers hacked in and stole the information, which contained millions of credit card numbers.
Hackers hacked the WEP encryption standard used to send data between price-checking equipment, cash registers, and computers at a Minnesota retailer, according to The Wall Street Journal. The thieves then stole usernames and passwords from employees connecting to the company's core database in Massachusetts. As a result, the hackers were able to obtain millions of credit card details in 2005 and 2006, costing the company $118 million (£94 million) in damages at the time, however, this amount has subsequently escalated to $162 million (£129 million) due to the fallout.
Cost: £129 million