Warning: TJ Maxx Credit Card Weak Security Measures
I don’t normally use my website for this but wanted to raise a flag here for anyone that has a TJ Maxx Credit Card.
I just closed my account with them and here is why.
Summary: TJ Maxx’s Synchrony bank online system allows someone to change your online account info (including password, billing address, etc) and then make fraudulent online purchases with just 1) your log in id (which is often your email) and 2) your current billing zip code. An easy hacking situation. Which happened to me just last week. (Luckily my story has an non-tragic ending.)
For comparison, other credit cards like Athleta (also with Synchrony bank) will not allow you to change your online account details without a passcode given via a phone call to your phone number on file with them (a wonderful two-step verification process that the Athleta card uses).
Last week I received an email from Synchrony bank that my address had been changed associated with my TJ Maxx credit card. It said that if it wasn’t me, to notify them immediately.
It wasn’t me. We haven’t moved and I hadn’t been on line that day in that account.
I went into my online account, and couldn’t get in… whomever had hacked into my account also changed my password. I selected the option to have my password changed and it asked for my log in id and billing zip code (that’s it). It wouldn’t change my password because… the thief had changed the billing address and zip code.
I called the TJ Maxx bank card number and eventually they got me to the fraud department where we identified the false charges the thief had tried to make, fixed the change of address back to my actual address, canceled my current card, froze my online account and ordered to have a new one issued. That part, was all good. My new card was supposed to get here Monday and I would get new online access to my account. But, the new card didn’t come. So today I called to check in and found out the new card wasn’t sent (the agent had a problem getting it sent out). Given the whole situation I decided to just pay my balance over the phone, and closed the account, telling them politely why.
We are members of LifeLock and I notified them of the initial situation after calling TJ Maxx Synchrony bank and working with them. When I told the LifeLock agent how easy it was for someone to hack into my online account (and then start using my account to purchase items online), she was shocked at their low levels of security. After making sure LifeLock had everything they needed I then worked with Experian (that is who Synchrony bank reports to) about the fraudulent change of address and to notify them that someone had successfully hacked my account. I also told the fraud department agent at Experian about the TJ Maxx security measures and she said that she has one too and will watch it more closely now.
I love TJ Maxx and I love the rewards dollars but with their current lack of modern day security measures, I don’t want their bank card with them.
My situation was stressful but regarding identity theft possibilities could have been so much worse. I wasn’t out any monies, I learned a lot about how retail stores can choose their own security settings with their bank partners and I’ve changed my log in ids and passwords to be different and hard for every account including social media, choosing two step verification wherever it’s installed.
So, I love you and wanted to share my experience in the hopes of passing the info along so that you can stay safe from identity thieves. Not to be afraid, but to be smart 🙂
Jill Renee Feeler
#identitytheft #TJMaxx #synchronybank #tjmaxxrewardscard #onlinesecurity #besafe #randompasswordgenerator #experian #lifelock #somerewardsarentworthit #ugh #besmart #couldvebeenworse