TJX, Reed Elsevier PLC and Seisint face the same punishment. No fines were levied, but the FTC will require the retailer to implement comprehensive information security programs and obtain audits by independent third-party security professionals every other year for 20 years. Last January, TJX revealed its computer servers had been hacked, and more than 45 million customer records were breached. TJX settlement is the 20th case where the FTC has used its regulatory muscle to rein in security-deficient companies that don’t protect sensitive consumer information.”]
Source: https://www.bankinfosecurity.com/tjx-settles-feds-a-791

