In a bizarre twist, Gonzales was purportedly on the U.S. Secret Service pay roll — making $75,000 per year — as an informant. Wow. We all know that the Intelligence Community often needs to be “in bed” with shady characters, but this one takes the cake. Our big question was Gonzales on the pay roll when he committed these data breaches? Could this mean that the Secret Service helped fund his criminal activity?

Regarding the Gonzales sentencing, as part of our outlook for 2010, we anticipated longer sentences for identity fraud criminals. Gonzales offense was enormous, hurting many victims and expending countless law enforcement resources. We advocate they throw the book at him.

We welcome any thoughts and feedback.

The company also stated in an official news release that it “firmly believes it did not violate any consumer protection or data security laws.” However, California Attorney General Jerry Brown had a different POV and cited the company’s 2004 internal audit, which found security vulnerabilities. Here’s what he had to say: “TJX ignored flaws in its credit card database, until hackers broke into it, gaining access to the personal information of almost 50 million people. This agreement requires the company to carefully test its security systems and upgrade them to the highest contemporary standards.”

So, what’s the moral of this story?? Always be prepared, stay one-step ahead of the bad guys and have the right breach plan in place.