Shopped at a T.J. Maxx or Marshalls last year? How about A.J. Wright or HomeGoods?
You might have got more than you bargained for.
The credit and debit card information of some customers was stolen in mid-December in a nationwide security breach. Information dating back to 2003 was taken from TJX Companies Inc., which owns the affected stores.
About 10 people who use the MSU Federal Credit Union are among those who had their card numbers stolen. They were sent letters informing them they would receive new cards and personal identification numbers, said Joyce Banish, vice president of marketing for the credit union.
Throughout the country, banks have sent alerts to consumers whose debit or credit information was compromised. There is little that the East Lansing-based credit union can do, Banish said.
"Our hands are tied it's Visa (USA) regulations and Visa enforcing rules," she said.
An e-mail from Visa Vice President Rosetta Jones stated that the company is working with TJX and law enforcement agencies to investigate the situation.
The credit union plans to close those 10 Visa accounts by Feb. 12 and is asking customers to change their personal identification numbers, or PINs.
Psychology junior Hanya Ombima, one of the 10 people affected by the incident, said she doesn't frequent the stores and would prefer not to go through getting a new credit card and PIN.
"I don't really shop at T.J. Maxx or Marshalls anyway," she said. "I haven't been to either store since this summer, and when I did go, I just got a zip-up hoodie."
According to the TJX Companies Inc.'s Web site, the system was intruded in mid-December by an unidentified hacker who stole debit and credit card transactions, however the names and PIN numbers of those customers were not compromised.
TJX assures its customers they have improved their computer system with the help of General Dynamics Corp., which works with the U.S. government and IBM to improve computer security.
Staff writer Michelle Ortlieb contributed to this report.